Wisewise3

Re Falkra, voici le rapport demandé. Bien à toi, WiseWise3 Malwarebytes' Anti-Malware 1.31 Version de la base de données: 1496 Windows 5.1.2600 Service Pack 3 2008-12-13 13:54:16 mbam-log-2008-12-13 (13-54-16).txt Type de recherche: Examen rapide Eléments examinés: 56923 Temps écoulé: 5 minute(s), 53 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Bonjour, voici le rapport lop S&D. Par contre msnfix s'install? ou ce n'est qu'un exécutable. Je ne comprends pas quand vous dites "efface msnfix" MErci et bien à vous, WiseWise3 --------------------\\ Lop S&D 4.2.4-9c XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 3000+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Me Beauraind ( Administrator ) BOOT : Normal boot Antivirus : Norton 360 2007 (Not Activated) Firewall : Norton 360 2007 (Not Activated) C:\ (Local Disk) - NTFS - Total:142 Go (Free:123 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (CD or DVD) I:\ (USB) J:\ (USB) "C:\Lop SD" ( MAJ : 01-11-2008|16:30 ) Option : [2] ( 2008-12-11|22:54 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\MEBEAU~1\Cookies\me_beauraind@advertising[1].txt Supprime! - C:\DOCUME~1\MEBEAU~1\Cookies\me_beauraind@bigpoint[1].txt Supprime! - C:\DOCUME~1\MEBEAU~1\Cookies\me_beauraind@fr.seafight.bigpoint[2].txt Supprime! - C:\DOCUME~1\MEBEAU~1\Cookies\me_beauraind@fr.thepimps.bigpoint[2].txt \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [2008-07-25|20:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [2004-06-22|23:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [2008-07-25|20:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia [2008-07-25|20:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [2008-07-25|20:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real [2008-10-07|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2008-07-19|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Absolutist [2004-06-22|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [2008-09-05|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AlawarGameBox [2008-09-23|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AlawarWrapper [2007-10-27|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds [2008-05-23|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Astar Games [2008-04-13|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem [2008-06-25|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFish [2008-06-09|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache [2005-05-03|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [2008-05-30|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\cerasus.media [2006-03-05|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chasing Dogs Studios [2007-11-30|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Christmasville [2007-10-26|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dekovir [2008-03-13|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DivoGames [2008-05-31|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Enkord [2008-03-15|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeTheMuseum [2008-03-09|12:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Farm Frenzy [2008-05-23|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2 [2008-08-22|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games [2007-06-15|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames [2007-06-26|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Forge of Games [2008-03-06|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games [2008-01-09|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo [2005-09-24|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameBlend [2008-09-27|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse [2008-02-07|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet [2008-03-25|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii [2006-09-13|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [2008-01-31|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grey Alien Games [2008-05-05|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft [2006-10-09|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin [2008-02-09|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear [2008-07-25|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogMeIn [2004-11-11|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [2008-12-04|23:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [2008-08-19|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [2005-04-07|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [2008-01-14|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [2008-03-01|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\My Games [2008-02-25|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople [2008-02-19|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania [2007-11-24|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NeptunesAdve [2008-08-02|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [2008-06-20|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games [2008-09-30|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [2008-05-04|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayPond [2008-02-04|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QB9 S.R.L [2004-06-22|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [2008-06-22|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games [2004-06-22|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [2008-03-20|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScreenSeven [2008-03-29|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games [2008-12-04|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [2008-05-06|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames [2008-11-28|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [2008-10-01|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [2007-09-28|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio [2005-02-13|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [2008-03-25|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ValuSoft [2008-06-20|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm [2006-09-26|07:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [2008-08-19|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [2007-03-04|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [2004-06-22|23:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [2004-06-22|23:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [2004-06-22|23:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real [2004-06-22|23:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [2004-06-22|23:38] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Identities [2004-06-22|23:38] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Microsoft [2004-06-22|23:38] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Real [2006-02-25|16:16] C:\DOCUME~1\MEBEAU~1\APPLIC~1\7Wonders [2007-11-15|12:20] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Abra Academy2 [2006-09-29|20:07] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Absolutist.com [2007-12-13|07:59] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Adobe [2004-06-22|21:02] C:\DOCUME~1\MEBEAU~1\APPLIC~1\AdobeUM [2008-06-12|15:18] C:\DOCUME~1\MEBEAU~1\APPLIC~1\alawar [2007-07-27|16:18] C:\DOCUME~1\MEBEAU~1\APPLIC~1\AlawarGameBox [2008-03-17|16:40] C:\DOCUME~1\MEBEAU~1\APPLIC~1\AlwaysNeat [2006-05-14|15:28] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Balloon Express [2008-09-03|12:31] C:\DOCUME~1\MEBEAU~1\APPLIC~1\BeachPartyCraze [2007-01-22|17:13] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Beep Industries [2008-01-28|16:01] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Big Fish Games [2008-06-25|16:08] C:\DOCUME~1\MEBEAU~1\APPLIC~1\BigFish [2006-03-11|16:55] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Blippy Games [2008-02-16|16:05] C:\DOCUME~1\MEBEAU~1\APPLIC~1\BloodTies [2007-02-01|12:37] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Boomzap [2007-01-28|13:25] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Canvas Multi-Media [2008-06-12|10:53] C:\DOCUME~1\MEBEAU~1\APPLIC~1\cerasus.media [2006-03-05|15:10] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Chasing Dogs Studios [2004-06-23|09:34] C:\DOCUME~1\MEBEAU~1\APPLIC~1\CyberLink [2008-08-03|09:16] C:\DOCUME~1\MEBEAU~1\APPLIC~1\DAEMON Tools [2006-05-21|18:16] C:\DOCUME~1\MEBEAU~1\APPLIC~1\EA [2008-05-10|15:05] C:\DOCUME~1\MEBEAU~1\APPLIC~1\EleFun Games [2008-08-22|16:45] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Flood Light Games [2007-06-15|18:50] C:\DOCUME~1\MEBEAU~1\APPLIC~1\FloodLightGames [2007-10-20|13:55] C:\DOCUME~1\MEBEAU~1\APPLIC~1\ForgottenRiddles [2008-07-20|15:08] C:\DOCUME~1\MEBEAU~1\APPLIC~1\ForgottenRiddles2 [2008-07-20|16:36] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Friday's games [2006-05-12|07:03] C:\DOCUME~1\MEBEAU~1\APPLIC~1\funkitron [2008-02-17|16:24] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Fuzzy Games [2008-07-06|14:46] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Gaijin Ent [2005-09-24|16:41] C:\DOCUME~1\MEBEAU~1\APPLIC~1\GameBlend [2006-07-16|16:20] C:\DOCUME~1\MEBEAU~1\APPLIC~1\GameHouse [2008-08-31|12:12] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Gamelab [2008-05-26|14:30] C:\DOCUME~1\MEBEAU~1\APPLIC~1\GamesCafe [2006-09-26|15:22] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Google [2004-06-22|20:46] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Help [2008-09-07|15:54] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Home Sweet Home 2 [2008-10-17|15:29] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Identities [2008-09-06|10:36] C:\DOCUME~1\MEBEAU~1\APPLIC~1\ITTNord [2008-05-19|10:57] C:\DOCUME~1\MEBEAU~1\APPLIC~1\iWin [2008-03-02|17:00] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Jane s Hotel [2008-05-08|16:44] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Jane s Hotel Family Hero [2007-10-14|17:38] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Land Of Runes [2004-06-23|09:39] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Leadertech [2005-06-08|08:47] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Macromedia [2007-09-02|16:02] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Magic Academy [2005-12-07|17:32] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Magic Match [2008-12-04|23:58] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Malwarebytes [2008-07-04|16:47] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Meridian93 [2007-09-16|08:43] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Microsoft [2005-04-20|14:14] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Mind Control Software [2008-08-18|21:57] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Mozilla [2008-12-08|17:50] C:\DOCUME~1\MEBEAU~1\APPLIC~1\MSN6 [2007-08-09|16:21] C:\DOCUME~1\MEBEAU~1\APPLIC~1\My Games [2008-05-14|16:11] C:\DOCUME~1\MEBEAU~1\APPLIC~1\MysteryStudio [2008-02-25|12:22] C:\DOCUME~1\MEBEAU~1\APPLIC~1\MythicPearls [2008-07-30|08:59] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Nero [2005-01-25|16:37] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Nology [2008-02-02|11:42] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Oberon Games [2008-09-23|08:40] C:\DOCUME~1\MEBEAU~1\APPLIC~1\PetShowCraze [2008-03-15|16:11] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Pirateville [2006-06-24|11:07] C:\DOCUME~1\MEBEAU~1\APPLIC~1\pixelStorm [2008-09-30|16:32] C:\DOCUME~1\MEBEAU~1\APPLIC~1\PlayFirst [2005-07-29|14:44] C:\DOCUME~1\MEBEAU~1\APPLIC~1\PTV Game [2005-07-30|10:49] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Real [2008-05-09|06:50] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Restorer [2004-06-23|09:39] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Sonic [2008-02-25|12:55] C:\DOCUME~1\MEBEAU~1\APPLIC~1\SprillBermudeEng [2008-07-16|14:53] C:\DOCUME~1\MEBEAU~1\APPLIC~1\SulusGames [2008-06-15|09:46] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Symantec [2008-04-06|13:00] C:\DOCUME~1\MEBEAU~1\APPLIC~1\TheScruffs [2008-08-03|09:44] C:\DOCUME~1\MEBEAU~1\APPLIC~1\ubi.com [2008-03-25|16:31] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Valusoft [2007-09-02|12:28] C:\DOCUME~1\MEBEAU~1\APPLIC~1\VeniceMysteryData [2008-06-09|14:07] C:\DOCUME~1\MEBEAU~1\APPLIC~1\ViquaSoft [2005-10-23|08:15] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Wildfire [2008-07-30|08:42] C:\DOCUME~1\MEBEAU~1\APPLIC~1\WinRAR [2008-03-21|12:10] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Yatec Games [2008-10-17|15:29] C:\DOCUME~1\MEBEAU~1\APPLIC~1\Zylom [2005-03-01|11:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia [2005-03-01|10:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [2005-06-03|14:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [2008-12-11 17:16][--ah-----] C:\WINDOWS\tasks\SA.DAT [2002-08-30 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [2008-01-24|12:41] C:\Program Files\2004 Mahjongg Lite 3r [2005-02-24|17:53] C:\Program Files\3D Magic Mahjongg [2004-06-22|23:39] C:\Program Files\Adobe [2008-01-23|16:26] C:\Program Files\Adventure Inlay [2008-09-23|08:50] C:\Program Files\Alawar [2005-11-16|17:47] C:\Program Files\Ancient TriJong [2006-11-27|16:32] C:\Program Files\Aveyond [2006-01-26|10:24] C:\Program Files\BFG [2008-06-09|12:32] C:\Program Files\bfgclient [2005-03-17|18:18] C:\Program Files\Big Fish Games [2008-12-11|09:17] C:\Program Files\Big Kahuna Reef [2008-03-03|16:45] C:\Program Files\BigFishGames [2006-07-14|16:37] C:\Program Files\Boonty [2008-09-30|14:43] C:\Program Files\BoontyGames [2004-07-01|16:19] C:\Program Files\Borland [2004-06-23|14:33] C:\Program Files\Broderbund [2008-06-27|17:49] C:\Program Files\Cafe Games [2008-01-08|20:55] C:\Program Files\CCleaner [2004-06-23|07:59] C:\Program Files\Common Files [2004-06-22|23:39] C:\Program Files\ComPlus Applications [2005-03-22|17:16] C:\Program Files\Cosmic Bugs [2005-11-09|15:55] C:\Program Files\Crystal Path [2005-03-04|14:58] C:\Program Files\Cubis Gold [2004-06-22|23:39] C:\Program Files\CyberLink [2004-06-29|17:54] C:\Program Files\CycleMan [2008-08-03|09:33] C:\Program Files\DAEMON Tools Lite [2008-08-03|09:33] C:\Program Files\DAEMON Tools Toolbar [2005-02-13|15:59] C:\Program Files\Dekovir [2008-01-17|17:12] C:\Program Files\Delicious Deluxe [2006-11-30|16:58] C:\Program Files\Diner Dash 2 [2005-10-25|16:11] C:\Program Files\Electrotank [2005-03-01|17:00] C:\Program Files\Emperor's Mahjong [2008-01-22|17:19] C:\Program Files\Encore [2008-08-17|11:11] C:\Program Files\Fichiers communs [2005-06-16|15:18] C:\Program Files\GameBubbles [2008-01-25|19:09] C:\Program Files\GameHouse [2005-03-01|16:59] C:\Program Files\Gekko Mahjongg [2008-08-02|06:24] C:\Program Files\Google [2004-06-22|22:17] C:\Program Files\Hewlett-Packard [2004-06-22|22:21] C:\Program Files\ImageServer [2008-10-01|14:14] C:\Program Files\Incredijeux [2004-06-23|08:00] C:\Program Files\IncrediMail [2008-08-03|09:44] C:\Program Files\InstallShield Installation Information [2008-10-25|07:49] C:\Program Files\Internet Explorer [2008-04-13|12:44] C:\Program Files\iWin [2007-07-13|13:12] C:\Program Files\Jewel Quest [2006-07-31|14:23] C:\Program Files\kedamonoware [2005-02-13|16:00] C:\Program Files\Kyodai Mahjongg [2008-12-11|09:23] C:\Program Files\LogMeIn [2005-09-07|14:34] C:\Program Files\Magic Inlay [2008-12-06|09:19] C:\Program Files\Magic Solitaire [2005-11-09|15:54] C:\Program Files\Mah Jong Quest [2008-12-04|23:58] C:\Program Files\Malwarebytes' Anti-Malware [2008-09-30|14:43] C:\Program Files\Mes Jeux T‚l‚charg‚s [2008-08-13|06:20] C:\Program Files\Messenger [2004-06-27|10:59] C:\Program Files\Micro Application [2008-05-07|17:13] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2004-06-22|23:39] C:\Program Files\microsoft frontpage [2004-06-22|23:40] C:\Program Files\microsoft office [2004-06-22|23:40] C:\Program Files\Microsoft Visual Studio [2008-08-02|07:57] C:\Program Files\Movie Maker [2008-08-20|22:33] C:\Program Files\Mozilla Firefox [2005-12-10|11:44] C:\Program Files\MSN [2004-06-22|23:40] C:\Program Files\MSN Gaming Zone [2008-08-02|08:18] C:\Program Files\MSN Messenger [2008-07-31|07:52] C:\Program Files\MSXML 4.0 [2008-08-18|21:10] C:\Program Files\Navilog1 [2008-08-02|10:13] C:\Program Files\Nero [2008-08-02|10:23] C:\Program Files\NeroInstall.bak [2008-08-02|07:52] C:\Program Files\NetMeeting [2008-11-06|08:16] C:\Program Files\Norton 360 [2008-02-05|16:37] C:\Program Files\Oberon Media [2008-08-02|07:52] C:\Program Files\Outlook Express [2008-06-08|16:00] C:\Program Files\PlayFirst [2005-03-10|16:53] C:\Program Files\PopCap Games [2005-02-28|16:09] C:\Program Files\Puzzle Railway [2008-02-07|16:43] C:\Program Files\Q-bert [2004-06-22|23:40] C:\Program Files\QuickTime [2005-10-27|11:32] C:\Program Files\Real [2005-02-03|15:03] C:\Program Files\ReflexiveArcade [2004-06-23|14:35] C:\Program Files\Serif [2004-06-22|23:40] C:\Program Files\Services en ligne [2007-12-05|08:36] C:\Program Files\Six-Trix [2004-06-22|23:40] C:\Program Files\Sonic [2008-12-04|23:50] C:\Program Files\Spybot - Search & Destroy [2008-06-20|07:43] C:\Program Files\Symantec [2004-06-22|21:08] C:\Program Files\Terayon [2004-06-29|13:51] C:\Program Files\TFC [2005-02-24|17:34] C:\Program Files\TryMedia [2008-08-03|09:56] C:\Program Files\ubi.com [2008-08-03|09:41] C:\Program Files\UBISOFT [2004-07-15|07:50] C:\Program Files\Uninstall Information [2004-06-22|23:40] C:\Program Files\Virtual CD v4 SDK [2004-06-23|09:55] C:\Program Files\Web Publish [2008-08-19|21:03] C:\Program Files\Windows Live Toolbar [2008-12-08|17:47] C:\Program Files\Windows Media Connect 2 [2008-12-08|17:47] C:\Program Files\Windows Media Player [2008-08-02|07:52] C:\Program Files\Windows NT [2008-06-15|08:12] C:\Program Files\Windows Sidebar [2004-08-15|07:29] C:\Program Files\WindowsUpdate [2008-07-30|08:42] C:\Program Files\WinRAR [2004-06-22|23:40] C:\Program Files\xerox [2004-09-30|08:52] C:\Program Files\Yahoo! [2008-10-17|18:25] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [2004-06-22|21:02] C:\Program Files\Fichiers communs\Adobe [2005-05-03|15:14] C:\Program Files\Fichiers communs\BOONTY Shared [2004-06-22|23:39] C:\Program Files\Fichiers communs\Designer [2008-08-03|09:40] C:\Program Files\Fichiers communs\InstallShield [2004-06-22|22:21] C:\Program Files\Fichiers communs\Kodak [2004-11-11|12:07] C:\Program Files\Fichiers communs\Macrovision Shared [2008-06-13|15:36] C:\Program Files\Fichiers communs\Microsoft Shared [2004-06-22|23:39] C:\Program Files\Fichiers communs\MSSoap [2008-08-02|10:16] C:\Program Files\Fichiers communs\Nero [2008-05-04|11:29] C:\Program Files\Fichiers communs\Oberon Media [2004-06-22|23:39] C:\Program Files\Fichiers communs\ODBC [2008-08-03|09:44] C:\Program Files\Fichiers communs\PocketSoft [2005-10-27|11:32] C:\Program Files\Fichiers communs\Real [2006-03-31|16:06] C:\Program Files\Fichiers communs\Sandlot Shared [2005-04-09|12:39] C:\Program Files\Fichiers communs\scanner [2004-06-22|23:39] C:\Program Files\Fichiers communs\Services [2004-06-22|23:39] C:\Program Files\Fichiers communs\SpeechEngines [2004-06-22|23:39] C:\Program Files\Fichiers communs\SureThing Shared [2008-12-11|22:48] C:\Program Files\Fichiers communs\Symantec Shared [2008-08-02|07:52] C:\Program Files\Fichiers communs\System [2004-06-22|23:39] C:\Program Files\Fichiers communs\TVNavigTechnologies Shared [2008-08-19|21:43] C:\Program Files\Fichiers communs\WindowsLiveInstaller [2004-06-22|23:39] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 48 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-11 22:56:32 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 1 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\MEBEAU~1\Bureau\Drivers\Nero 8321 Fr + serial\keygen Nero-8.3.2.1.exe C:\DOCUME~1\MEBEAU~1\Bureau\Jeux\Dream Chronicles 2\crack dream chronicles 2 C:\DOCUME~1\MEBEAU~1\Bureau\Jeux\Dream Chronicles 2\crack dream chronicles 2\dream2.exe C:\DOCUME~1\MEBEAU~1\Bureau\Jeux\Dream Chronicles 2\crack dream chronicles 2\snd.nfo [F:127][D:7]-> C:\DOCUME~1\MEBEAU~1\LOCALS~1\Temp [F:351][D:0]-> C:\DOCUME~1\MEBEAU~1\Cookies [F:2817][D:18]-> C:\DOCUME~1\MEBEAU~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 2008-12-11|22:53 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 2008-12-11|22:57 - Option : [2] --------------------\\ Fin du rapport a 22:57:45

Bonjour, pouvez-vous vérifier le rapport et me dire s'il contient des traces de virus ou autres. J'ai passé Malwarebyte (rien trouvé), msnfix (infection absente), lop S&d(trouvé quelques fichiers). Merci. PS: l'utilisateur ayant acheté la licence de Norton, je ne peux le désinstaller... pour placer Antivir. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:10, on 2008-12-11 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\PROGRA~1\INCRED~1\bin\ImNotfy.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Documents and Settings\Me Beauraind\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe" O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-21-1583244945-2734619735-2947400508-1008\..\Run: [sonic RecordNow!] (User 'LogMeInRemoteUser') O4 - HKUS\S-1-5-21-1583244945-2734619735-2947400508-1008\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe" (User 'LogMeInRemoteUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.belgacom.net O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game18.zylomgames.com/activex/zylomgamesplayer.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game14.zylomgames.com/activex/zylomloader.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe -- End of file - 10053 bytes

Bonjour, pour la connexion internet lente, cela est peut-être subjectif... Ce jour lepc a l'air de surfer plus rapidement. Pouvez-vous me rassurer sur le fait qu'il n'y ai plus de traces de virus ar l'anlyse du HijackThis s'il vous plait. C'est celui de ce jour pour voir s'il ya des différence par rapport à celui d'hier. Bien à vous, WiseWise3. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:37:11, on 30/11/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\QuickTime\QTTask.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\MsiExec.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Quentin\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll (file missing) O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [instantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min O4 - HKCU\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Disk Cleaner] "C:\Program Files\Disk Cleaner\LaunchDiskCleaner.Exe" "C:\Program Files\Disk Cleaner\DiskCleaner.Exe" /boot O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O16 - DPF: {33DFB28A-9792-4AFC-B594-D589365DF67D} (Bahu Photo Uploader) - http://www.bahu.com/BahuPhotoUploader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 11818 bytes

Bonjour, pouvez vous analyser s'il vous plait l'hijackThis ci dessous qui provient d'une machine qui surf avec une vitesse "très" lente. Ona même le temps de voir le décompte des éléments qui reste à télécharger... Le pc à la base avait une infection présente signalée par msnfix. J'ai exécuté msnfix, sd fix, malewarebyte, désinstallé bitdenfender, installé Antivir mais le symptome de lenteur est toujours là. Mreci pour votre aide. Bien à vous, WiseWise3 PS: j'ai effacé les rapport de msnfix... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:20, on 29/11/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\QuickTime\QTTask.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Quentin\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll (file missing) O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [instantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min O4 - HKCU\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Disk Cleaner] "C:\Program Files\Disk Cleaner\LaunchDiskCleaner.Exe" "C:\Program Files\Disk Cleaner\DiskCleaner.Exe" /boot O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O16 - DPF: {33DFB28A-9792-4AFC-B594-D589365DF67D} (Bahu Photo Uploader) - http://www.bahu.com/BahuPhotoUploader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 11818 bytes

Bonsoir, cela fait longtmeps que je n'ai plus donné de nouvelle mais la personne avait repris son pc... Oui j'avais été voir la procédure pour KAspersky mais cela ne changeait rien au prob. Finalement il s'agissait appremment du modem du client qui perdait la synchro... Merci pour l'aide en tout cas Pear. Bien à vous, WiseWise3

Re PEar, voici le rapport demandé, j'ai laissé plus longtemps... ========== PROCESSES ========== Process explorer.exe killed successfully. ========== SERVICES/DRIVERS ========== ========== FILES ========== File/Folder c:\program files\registry helper\launchregistryhelper.exe not found. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Registry Helper not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\Quentin\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\Quentin\LOCALS~1\Temp\~DF91EC.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_c0.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11192008_220630 par contre pour Kaspersky message d'erreur "Starting Java Applet Has Failed ! Please Go Online to use this program Voici le message d'erreur: Program is starting. Please wait... Update source selected: http://www.kaspersky.com Downloading file: packages/kos-bin-winnt-redist.jar Downloading file: packages/kos-bin-winnt-engine.jar Downloading file: packages/kos-bin-winnt.jar Downloading file: packages/kos-extras.jar Program has failed to start. Program has failed to start. Close the Kaspersky Online Scanner 7.0 window and open it again to install the program. [ERROR: java.security.PrivilegedActionException: java.util.zip.ZipException: invalid entry size (expected 10240 but got 7129 bytes)]

Re Pear, voici le premier rapport demandé. Mais une fois que j'ai cliqué sur le bouton rouge, après le programme ne répondait pas. Je n'arrivais pas à fermer le prog. J'ai arreté dans le gestionnaire de tache et redémarrer le pc. Devais je attendre plus longtemps? Voici le rapport. J'ai des prob pour faire aller le scan en ligne. J'ai remis le dernier java mais cela télécharge LENTEMENT... l'install de l'activ X Entering StartDeviceDiscovery. Exiting StartDeviceDiscovery and returning 1. Entering DDWorkerThreadProc Doing initial wait. Finished initial wait. Wait for plug-and-play to finish. Creating list of supported devices in main loop. Entering CreateListOfSupportedDevices. Searching C:\Program Files\HP\Digital Imaging\data\DeviceDiscovery ... Trying C:\Program Files\HP\Digital Imaging\data\DeviceDiscovery\hpodd09.ini ... Insert product class "hp psc 1000 series". Insert product class "hp psc 1100 series". Insert product class "hp psc 1200 series". Insert product class "hp psc 1300 series". Insert product class "hp psc 1310 series". Insert product class "hp psc 2100 series". Insert product class "hp psc 2150 series". Insert product class "hp psc 2170 series". Insert product class "hp psc 2200 series". Insert product class "hp psc 2300 series". Insert product class "hp psc 2400 series". Insert product class "hp psc 2500 series". Insert product class "hp officejet 4100 series". Insert product class "hp officejet 4105 series". Insert product class "hp officejet 4200 series". Insert product class "hp officejet 5500 series". Insert product class "hp officejet 6100 series". Insert product class "hp officejet 6200 series". Insert product class "hp officejet 7300 series". Insert product class "hp officejet 7400 series". Insert product class "hp psc 2350 series". Insert product class "hp photosmart 2600 series". Insert product class "hp photosmart 2700 series". Exiting CreateListOfSupportedDevices and returning 1. Entering BuildQueues. Entering CreateListFromContext. Exiting CreateListFromContext and returning 1. Found and using context id: #Hewlett-Packard#HP PSC 2350 series#1213025949 Exiting BuildQueues and returning 1. Entering AddDevices. Exiting AddDevices and returning 1. Entering ModifyDevices. Exiting ModifyDevices and returning 1. Entering RemoveDevices. Exiting RemoveDevices and returning 1. Wait for plug-and-play to finish. Entering BuildQueues. Entering CreateListFromContext. Exiting CreateListFromContext and returning 1. Found and using context id: #Hewlett-Packard#HP PSC 2350 series#1213025949 Exiting BuildQueues and returning 1. Entering AddDevices. Exiting AddDevices and returning 1. Entering ModifyDevices. Exiting ModifyDevices and returning 1. Entering RemoveDevices. Exiting RemoveDevices and returning 1. Entering StartDeviceDiscovery. Exiting StartDeviceDiscovery and returning 1. Entering DDWorkerThreadProc Doing initial wait. Finished initial wait. Wait for plug-and-play to finish. Creating list of supported devices in main loop. Entering CreateListOfSupportedDevices. Searching C:\Program Files\HP\Digital Imaging\data\DeviceDiscovery ... Trying C:\Program Files\HP\Digital Imaging\data\DeviceDiscovery\hpodd09.ini ... Insert product class "hp psc 1000 series". Insert product class "hp psc 1100 series". Insert product class "hp psc 1200 series". Insert product class "hp psc 1300 series". Insert product class "hp psc 1310 series". Insert product class "hp psc 2100 series". Insert product class "hp psc 2150 series". Insert product class "hp psc 2170 series". Insert product class "hp psc 2200 series". Insert product class "hp psc 2300 series". Insert product class "hp psc 2400 series". Insert product class "hp psc 2500 series". Insert product class "hp officejet 4100 series". Insert product class "hp officejet 4105 series". Insert product class "hp officejet 4200 series". Insert product class "hp officejet 5500 series". Insert product class "hp officejet 6100 series". Insert product class "hp officejet 6200 series". Insert product class "hp officejet 7300 series". Insert product class "hp officejet 7400 series". Insert product class "hp psc 2350 series". Insert product class "hp photosmart 2600 series". Insert product class "hp photosmart 2700 series". Exiting CreateListOfSupportedDevices and returning 1. Entering BuildQueues. Entering CreateListFromContext. Exiting CreateListFromContext and returning 1. Found and using context id: #Hewlett-Packard#HP PSC 2350 series#1213025949 Exiting BuildQueues and returning 1. Entering AddDevices. Exiting AddDevices and returning 1. Entering ModifyDevices. Exiting ModifyDevices and returning 1. Entering RemoveDevices. Exiting RemoveDevices and returning 1.

Re Pear, et voici le rapport de Malwarebyte: Malwarebytes' Anti-Malware 1.30 Version de la base de données: 1411 Windows 5.1.2600 Service Pack 3 19/11/2008 14:44:54 mbam-log-2008-11-19 (14-44-54).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 155512 Temps écoulé: 1 hour(s), 15 minute(s), 59 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 9 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{1037b06c-84b7-4240-8d80-485810a0497d} (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{54b287f9-fd90-4457-b65e-cb91560c021d} (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6e4c7afc-9915-4036-b7f9-8b3f1710788f} (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{566dede9-9ed8-45da-9be6-9b2eeab17f49} (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b69-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\PCPrivacyCleaner (Rogue.PCPrivacyCleaner) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully. Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Re Pear, voici le rapport de smitfraudfix après le nettoyage fait en Mode sans echec: SmitFraudFix v2.375 Rapport fait à 12:44:32,37, mer. 19/11/2008 Executé à partir de C:\Documents and Settings\Quentin\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\Program Files\Google\googletoolbar1.dll supprimé »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: TNET1130 802.11G WLAN Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{50131537-78B1-43F1-8CD4-F599139B03D3}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{50131537-78B1-43F1-8CD4-F599139B03D3}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{50131537-78B1-43F1-8CD4-F599139B03D3}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin J'ai fait l'option 3. J'éxécute malwarebyte.

Re Pearl, j'avais cliqué sur désactiver Bitdenfender mais il était toujours présent dans gestionnaire de tache sous bdss.exe bAgent.exe. J'ai coupé et c'est OK. Voici le premier rapport demandé. Je lance le nettoyage en modem sans echec. Mais comme pc à distance maintenant j'espère avoir la main à distance en modem sans echec, je sais plus si wifi intégré ou clé usb... Le reste suivra: SmitFraudFix v2.375 Rapport fait à 12:25:56,57, mer. 19/11/2008 Executé à partir de C:\Documents and Settings\Quentin\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\QuickTime\QTTask.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\WINDOWS\system32\taskmgr.exe C:\Documents and Settings\Quentin\Bureau\SmitfraudFix\Policies.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Quentin »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Quentin\LOCALS~1\Temp »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Quentin\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Quentin\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\Google\googletoolbar1.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="sockspy.dll" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: TNET1130 802.11G WLAN Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{50131537-78B1-43F1-8CD4-F599139B03D3}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{50131537-78B1-43F1-8CD4-F599139B03D3}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{50131537-78B1-43F1-8CD4-F599139B03D3}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

Bonjour Pear, tout d'abord merci pour la prise en main si rapide. quand j'ai téléchargé le smitfraudfix et que je l'exécute il me met un message tel que: fichier IEDFIX.exe absent... et rien ne lance après. WiseWise3

Bonjour, Le pc sur lequel je suis se comporte bizarrement. des déconnexions apparaissent. J'ai exécuté msnfix qui a trouvé une infection mais n'avait pas pu nettoyer. J'ai exécuté SD fix et ensuite retesté msnfix qui n'a plus retrouver d'infection. Pouvez-vous analyser le rapport hijack this pour être certain qu'il n'y a plus de trace de virus éventuel? Merci. WiseWise3 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:47:14, on 19/11/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Documents and Settings\Quentin\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll (file missing) O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [instantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Registry Helper] "C:\Program Files\Registry Helper\LaunchRegistryHelper.Exe" "C:\Program Files\Registry Helper\RegistryHelper.Exe" /boot O4 - HKCU\..\Run: [Disk Cleaner] "C:\Program Files\Disk Cleaner\LaunchDiskCleaner.Exe" "C:\Program Files\Disk Cleaner\DiskCleaner.Exe" /boot O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O15 - Trusted Zone: http://*.windowsupdate.com O16 - DPF: {33DFB28A-9792-4AFC-B594-D589365DF67D} (Bahu Photo Uploader) - http://www.bahu.com/BahuPhotoUploader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- End of file - 11419 bytes

Bonjour Apollo, je ne parlais pas de MON lecteur mais TON lecteur/graveur que j'avais vu pour un post te concernant En tout cas merci pour ton aide précieuse. Je regarde ton document et suivrai le process pour Malware. Bien à toi, WiseWise3. Et sans doute à une prochaine fois, pas pour mon pc, mais pour le pc d'une autre personne qui aurait des probs.

Bonjour Apollo, voici c'est fait pour la suppression des anciens points de restauration. Donc, maintenant pc nettoyé alors. Je note résolu? Que faisait exactement Befrost? geller le pc çàd le faire aller au ralenti? Merci encore pour ton aide précieuse et ta patience. Bien à toi, WiseWise3. PS: j'espère que ton lecteur dvd va refonctionner sinon, regarde toujours si un nettoyage lentille n'améliorerait pas la lecture. 2 lentilles dans un lecteur dvd, la lentille supérieure pour les cds et en dessous de celle-ci, celle pour les dvd, plus difficile d'accè. malheureusement...

Re Apollo, au redémarrage, j'ai eu une alerte de antivir: Virus or unwanted program 'TR/Dropper.Gen [trojan]' detected in file 'C:\System Volume Information\_restore{684D284B-4FA2-45A3-AD71-D99454364998}\RP1\A0001052.exe. Action performed: Deny access Bien à toi, WiseWise3 PS: le pc a l'ai rde redémarrer plus rapidement. Moins de temps mort entre mes click etouvertures de fenetres. PS2: Pourquoi désactiver la google bar? elle contient un pop bloquer et un champs recherche PS3: Dois je remettre TeaTimer?

Bonjour Apollo, Voici le rapport Javara.Log JavaRa 1.11 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Nov 04 13:01:17 2008 Found and removed: C:\Program Files\Java\jre1.5.0_06 Found and removed: C:\Program Files\Java\jre1.6.0_07 Found and removed: C:\Windows\System32\jupdate-1.5.0_01-b08.log Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\ Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} ------------------------------------ Finished reporting. voici seulement un rapport mais de Antivir. Comme çà bloquait toujours malgré ce que tu m'as dit de faire, voici celui d'antivir. Avira AntiVir Premium Report file date: mercredi 5 novembre 2008 08:51 Scanning for 1007891 virus strains and unwanted programs. Licensed to: rr rr Serial number: 2200412940-PEPWE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: WISE-S91E18KWJC Version information: BUILD.DAT : 8.2.0.370 20011 Bytes 10/16/2008 14:41:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 7/18/2008 10:36:14 AVSCAN.DLL : 8.1.4.0 40705 Bytes 7/18/2008 10:36:14 LUKE.DLL : 8.1.4.5 164097 Bytes 7/18/2008 10:36:16 LUKERES.DLL : 8.1.4.0 12033 Bytes 7/18/2008 10:36:16 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 06:24:39 ANTIVIR1.VDF : 7.1.0.21 130560 Bytes 10/31/2008 06:24:40 ANTIVIR2.VDF : 7.1.0.22 2048 Bytes 10/31/2008 06:24:41 ANTIVIR3.VDF : 7.1.0.36 106496 Bytes 11/4/2008 18:58:36 Engineversion : 8.2.0.10 AEVDF.DLL : 8.1.0.6 102772 Bytes 10/15/2008 09:49:38 AESCRIPT.DLL : 8.1.1.9 319867 Bytes 10/16/2008 14:52:04 AESCN.DLL : 8.1.1.3 123252 Bytes 10/15/2008 09:49:38 AERDL.DLL : 8.1.1.2 438644 Bytes 9/18/2008 12:03:16 AEPACK.DLL : 8.1.2.4 369014 Bytes 10/15/2008 09:49:38 AEOFFICE.DLL : 8.1.0.29 196988 Bytes 11/1/2008 06:24:44 AEHEUR.DLL : 8.1.0.63 1479032 Bytes 11/1/2008 06:24:43 AEHELP.DLL : 8.1.1.2 115062 Bytes 10/15/2008 09:49:36 AEGEN.DLL : 8.1.0.42 319861 Bytes 11/1/2008 06:24:42 AEEMU.DLL : 8.1.0.9 393588 Bytes 10/15/2008 09:49:36 AECORE.DLL : 8.1.2.9 172407 Bytes 11/1/2008 06:24:42 AEBB.DLL : 8.1.0.3 53618 Bytes 10/15/2008 09:49:34 AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/18/2008 10:36:14 AVPREF.DLL : 8.0.2.0 38657 Bytes 7/18/2008 10:36:14 AVREP.DLL : 8.0.0.2 98344 Bytes 8/1/2008 09:55:19 AVREG.DLL : 8.0.0.1 33537 Bytes 7/18/2008 10:36:14 AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 7/18/2008 10:36:14 SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 7/18/2008 10:36:17 NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2564353 Bytes 7/18/2008 10:36:08 RCTEXT.DLL : 8.0.51.0 86273 Bytes 7/18/2008 10:36:08 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition premium\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: mercredi 5 novembre 2008 08:51 Starting search for hidden objects. '52196' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'raid_tool.exe' - '1' Module(s) have been scanned Scan process 'hpotdd01.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'msiexec.exe' - '1' Module(s) have been scanned Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned Scan process 'avwebgrd.exe' - '1' Module(s) have been scanned Scan process 'avmailc.exe' - '1' Module(s) have been scanned Scan process 'winvnc4.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'MDM.EXE' - '1' Module(s) have been scanned Scan process 'LMIGuardian.exe' - '1' Module(s) have been scanned Scan process 'LogMeIn.exe' - '1' Module(s) have been scanned Scan process 'ramaint.exe' - '1' Module(s) have been scanned Scan process 'jqs.exe' - '1' Module(s) have been scanned Scan process 'FolderSizeSvc.exe' - '1' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned Scan process 'avesvc.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'rapimgr.exe' - '1' Module(s) have been scanned Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'PcSync2.exe' - '1' Module(s) have been scanned Scan process 'LMIGuardian.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'CloneCDTray.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'LogMeInSystray.exe' - '1' Module(s) have been scanned Scan process 'qttask.exe' - '1' Module(s) have been scanned Scan process 'daemon.exe' - '1' Module(s) have been scanned Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 56 processes with 56 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '66' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Program Files\Imperator °FLA\Demo 2 Full.exe [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] A backup was created as '497e58b7.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '497e58b8.qua' ( QUARANTINE ) C:\Program Files\Total Video Converter\total.video.converter-patch.exe [DETECTION] Is the TR/Agent.119808.I Trojan [NOTE] A backup was created as '49855a58.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4bd26281.qua' ( QUARANTINE ) C:\System Volume Information\_restore{684D284B-4FA2-45A3-AD71-D99454364998}\RP1\A0001052.exe [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] A backup was created as '49415a36.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '49415a37.qua' ( QUARANTINE ) C:\System Volume Information\_restore{684D284B-4FA2-45A3-AD71-D99454364998}\RP1\A0001053.exe [DETECTION] Is the TR/Agent.119808.I Trojan [NOTE] A backup was created as '48c6a9a8.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b191a40.qua' ( QUARANTINE ) C:\WINDOWS\system32\drivers\atapi.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! End of the scan: mercredi 5 novembre 2008 09:41 Used time: 50:26 Minute(s) The scan has been done completely. 7826 Scanning directories 225738 Files were scanned 4 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 8 files were moved to quarantine 0 files were renamed 3 Files cannot be scanned 225731 Files not concerned 1149 Archives were scanned 3 Warnings 4 Notes 52196 Objects were scanned with rootkit scan 0 Hidden objects were found Et un HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:06:34, on 5/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\FolderSize\FolderSizeSvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe c:\program files\avira\antivir personaledition premium\avcenter.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avscan.exe C:\wincmd\WINCMD32.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Wise\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: (no name) - {9F7FF51E-FD7C-498C-BAEF-603257FE4475} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-be\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU) O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://81.242.249.7/cab/OCXChecker_6110.cab O16 - DPF: {1FE5F6CD-7490-4428-9E79-830E8CC55B8B} - O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://aldex.safe100.net:81/VatDec.cab O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechConsol...scueControl.cab O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - O16 - DPF: {3CA6DFF6-C6B0-11D4-8035-0050BF0BA18C} (BMSPX Control) - http://www.brans.com/cab/Brans/bmspx.cab O16 - DPF: {5AA580AE-A3E9-4A9C-9C49-7EC814C8E2ED} - O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://colruyt.fujiprint.be/Colruyt/UserCo...geUploader4.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_0_2_0.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://braspoel.dipmap.com/cab/msrdp.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.com/clients/ImageUploader3.cab O16 - DPF: {93F796E1-6BF7-4E22-958E-4E969E88F69D} (WebClient Control) - http://dvr.dyndns.info/WebClient.cab O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} (MJPEGRender Control) - http://demo.remotemanager.co.uk/common/act...MJPEGRender.ocx O16 - DPF: {A6024F78-620D-42F2-B561-F1E4E581416A} (Bmsschedule Control) - http://211.232.23.23/bmspschedule.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://belgacom.extrafilm.be/ImageUploader4.cab O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://192.168.1.2/plugin/h263ctrl.cab O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://webcam.geovision.com.tw/cab/OCXChecker_8120.cab O16 - DPF: {B0E1526D-A0C8-417E-9F8D-E8D11ADFAFC6} - http://192.168.1.81:81/img/IPCamActiveX_Setup.exe O16 - DPF: {B930E47F-B1DB-4BA9-9BFE-9521F043FA39} (CT4OCX Class) - http://www.livedarshan.com/test/ChakraView_CT4_OCX.cab O16 - DPF: {BE30D547-EE96-4D6B-B9A3-57777E9F0A9C} (ActiveFormX Element) - http://127.0.0.1/pryysfje/activex/common/b...o1984Viewer.ocx O16 - DPF: {C3D526DB-6593-4595-9162-10CC3F566EF9} (BMSPRX Control) - http://211.232.23.23/bmsprx.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.be/clients/uploader_v2.1.0.56.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://webcam.geovision.com.tw/cab/DownloadFile_8110.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://207.59.215.18/activex/AMC.cab O16 - DPF: {E76AE961-79F2-4421-8275-EAF2AD85880E} (WebDvrClient Control) - http://193.251.182.45:8080/Cab/WebDvr.CAB O16 - DPF: {F9BF64A0-5A65-43E0-ACDB-B223E7F9DDD9} (WebWatch2 Control) - http://82.230.4.178:4200/WEBWATCH2.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O17 - HKLM\System\CCS\Services\Tcpip\..\{A655BD28-9770-43BF-9C0F-22A2A8CBA101}: NameServer = 195.238.2.21,195.238.2.22 O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O20 - Winlogon Notify: efcAqnNH - C:\WINDOWS\ O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: myDynIPPro - Unknown owner - f:\Program Files\Rocon Software\myDynIPPro\myDynIPPro.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- End of file - 17334 bytes Bien à toi, WiseWise3

Bonjour Apollo, oui le rapport HijackThis a bien été fait APRES le reboot. Par contre pour le scan Kaspersky, je n'arrive pas à le générer car il bloque après un certain temps. J'ai d'abord commencé en désactivant Antivir comme signalé. Ensuite j'ai remarqué que On line protection était toujours actif et désactivé ceux-ci (Mail guard - Webguard). J'ai relancé ce matin. En général çà bloque après 1h 1h30 J'espère avoir le rapport, voici la raison pour laquelle plus de nouvelle depuis hier matin... Bien à toi, WiseWise3

Bonjour Apollo, voici les rapports demandés: Malwarebytes' Anti-Malware 1.30 Version de la base de données: 1306 Windows 5.1.2600 Service Pack 2 3/11/2008 7:53:34 mbam-log-2008-11-03 (07-53-34).txt Type de recherche: Examen complet (C:\|I:\|) Eléments examinés: 159277 Temps écoulé: 1 hour(s), 6 minute(s), 18 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 16 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): C:\WINDOWS\system32\efcAqnNH.dll (Trojan.Vundo.H) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9f7ff51e-fd7c-498c-baef-603257fe4475} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcaqnnh (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{9f7ff51e-fd7c-498c-baef-603257fe4475} (Trojan.Vundo.H) -> Delete on reboot. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{9f7ff51e-fd7c-498c-baef-603257fe4475} (Trojan.Vundo.H) -> Delete on reboot. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\WINDOWS\system32\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\efcAqnNH.dll (Trojan.Vundo.H) -> Delete on reboot. C:\Program Files\Replay7\ReplayAVandReplayRadiov710b_Crack.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qoMcyXqp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. I:\leech\0 A graver\CleUSB Sauve\WGA Remover OK\Windows XP Keygen.exe (Malware.Tool) -> Quarantined and deleted successfully. C:\WINDOWS\system32\Bifrost\klog.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully. C:\WINDOWS\system32\geBSlKbb.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\opnoomNF.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ddcbbcCT.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ddcDuvWM.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nnnoNghE.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\efcCrQGx.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hgGaxUoL.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xxyyxXPj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yayyYPgD.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ljJDSLCr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wvUOiIxX.dll (Trojan.Vundo) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:00:53, on 3/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\QuickTime\qttask.exe F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe F:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\FolderSize\FolderSizeSvc.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE f:\Program Files\Rocon Software\myDynIPPro\myDynIPPro.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Wise\Bureau\HiJackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: (no name) - {9F7FF51E-FD7C-498C-BAEF-603257FE4475} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU) O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://81.242.249.7/cab/OCXChecker_6110.cab O16 - DPF: {1FE5F6CD-7490-4428-9E79-830E8CC55B8B} - O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://aldex.safe100.net:81/VatDec.cab O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechConsol...scueControl.cab O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - O16 - DPF: {3CA6DFF6-C6B0-11D4-8035-0050BF0BA18C} (BMSPX Control) - http://www.brans.com/cab/Brans/bmspx.cab O16 - DPF: {5AA580AE-A3E9-4A9C-9C49-7EC814C8E2ED} - O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://colruyt.fujiprint.be/Colruyt/UserCo...geUploader4.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_0_2_0.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://braspoel.dipmap.com/cab/msrdp.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.com/clients/ImageUploader3.cab O16 - DPF: {93F796E1-6BF7-4E22-958E-4E969E88F69D} (WebClient Control) - http://dvr.dyndns.info/WebClient.cab O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} (MJPEGRender Control) - http://demo.remotemanager.co.uk/common/act...MJPEGRender.ocx O16 - DPF: {A6024F78-620D-42F2-B561-F1E4E581416A} (Bmsschedule Control) - http://211.232.23.23/bmspschedule.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://belgacom.extrafilm.be/ImageUploader4.cab O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://192.168.1.2/plugin/h263ctrl.cab O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://webcam.geovision.com.tw/cab/OCXChecker_8120.cab O16 - DPF: {B0E1526D-A0C8-417E-9F8D-E8D11ADFAFC6} - http://192.168.1.81:81/img/IPCamActiveX_Setup.exe O16 - DPF: {B930E47F-B1DB-4BA9-9BFE-9521F043FA39} (CT4OCX Class) - http://www.livedarshan.com/test/ChakraView_CT4_OCX.cab O16 - DPF: {BE30D547-EE96-4D6B-B9A3-57777E9F0A9C} (ActiveFormX Element) - http://127.0.0.1/pryysfje/activex/common/b...o1984Viewer.ocx O16 - DPF: {C3D526DB-6593-4595-9162-10CC3F566EF9} (BMSPRX Control) - http://211.232.23.23/bmsprx.cab O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) - O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.be/clients/uploader_v2.1.0.56.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://webcam.geovision.com.tw/cab/DownloadFile_8110.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://207.59.215.18/activex/AMC.cab O16 - DPF: {E76AE961-79F2-4421-8275-EAF2AD85880E} (WebDvrClient Control) - http://193.251.182.45:8080/Cab/WebDvr.CAB O16 - DPF: {F9BF64A0-5A65-43E0-ACDB-B223E7F9DDD9} (WebWatch2 Control) - http://82.230.4.178:4200/WEBWATCH2.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O17 - HKLM\System\CCS\Services\Tcpip\..\{A655BD28-9770-43BF-9C0F-22A2A8CBA101}: NameServer = 195.238.2.21,195.238.2.22 O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O20 - Winlogon Notify: efcAqnNH - C:\WINDOWS\ O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: myDynIPPro - Rocon Software Ltd - f:\Program Files\Rocon Software\myDynIPPro\myDynIPPro.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- End of file - 17290 bytes Merci. Bien à toi, WiseWise3

Bonsoir, a force d'aider à remettre en ordre des pcs, ma clef usb transite entre mon pc de test et les pcs (infectés), j'ai toujours un truc détecté par antivir 3/11/2008 0:06 [Webguard] Malware found When accessing data from the URL, "http://77.93.75.148/img/cntr.dll?sid=47545F5A4F080F0F000D544F1F545B365C36583608 5B51363A0C1B1F000A0C4939080A02495B4F0A000D545D59505C2B2A5E5C51515E5A5D5E2A5E285F 2F2F2B5D2F2F5D5A2D28505151284F081D542D2A2D5D5F2C2B2C285E2C5C58582D2D28285A2C2F2F 2F2F2F2F2A2F2F2F2F2F4F1E1D54590D585E5C595B5E59584F0B0054585E5A4F04061B1901000D54 4F1B0C1F000D54692E01" a virus or unwanted program 'TR/Vundo.Gen' [trojan] was found. Action taken: Blocked file Pouvez-vous analyser mon fichier HijackThis afin dêtre sur de n'avoir rien chopé. Je tiens à rappeler que ce pc est un pc de test dont le windows est installé depuis, je sais pas 6 ans... plus... Merci. WiseWise3 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:12:50, on 3/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\QuickTime\qttask.exe F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\FolderSize\FolderSizeSvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE f:\Program Files\Rocon Software\myDynIPPro\myDynIPPro.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe F:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe C:\DOCUME~1\Wise\LOCALS~1\Temp\Adobelm_Cleanup.0001 C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe C:\DOCUME~1\Wise\LOCALS~1\Temp\Adobelm_Cleanup.0001 C:\Documents and Settings\Wise\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: (no name) - {9F7FF51E-FD7C-498C-BAEF-603257FE4475} - C:\WINDOWS\system32\efcAqnNH.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU) O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://81.242.249.7/cab/OCXChecker_6110.cab O16 - DPF: {1FE5F6CD-7490-4428-9E79-830E8CC55B8B} - O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://aldex.safe100.net:81/VatDec.cab O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechConsol...scueControl.cab O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - O16 - DPF: {3CA6DFF6-C6B0-11D4-8035-0050BF0BA18C} (BMSPX Control) - http://www.brans.com/cab/Brans/bmspx.cab O16 - DPF: {5AA580AE-A3E9-4A9C-9C49-7EC814C8E2ED} - O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://colruyt.fujiprint.be/Colruyt/UserCo...geUploader4.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_0_2_0.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://braspoel.dipmap.com/cab/msrdp.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.com/clients/ImageUploader3.cab O16 - DPF: {93F796E1-6BF7-4E22-958E-4E969E88F69D} (WebClient Control) - http://dvr.dyndns.info/WebClient.cab O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} (MJPEGRender Control) - http://demo.remotemanager.co.uk/common/act...MJPEGRender.ocx O16 - DPF: {A6024F78-620D-42F2-B561-F1E4E581416A} (Bmsschedule Control) - http://211.232.23.23/bmspschedule.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://belgacom.extrafilm.be/ImageUploader4.cab O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://192.168.1.2/plugin/h263ctrl.cab O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://webcam.geovision.com.tw/cab/OCXChecker_8120.cab O16 - DPF: {B0E1526D-A0C8-417E-9F8D-E8D11ADFAFC6} - http://192.168.1.81:81/img/IPCamActiveX_Setup.exe O16 - DPF: {B930E47F-B1DB-4BA9-9BFE-9521F043FA39} (CT4OCX Class) - http://www.livedarshan.com/test/ChakraView_CT4_OCX.cab O16 - DPF: {BE30D547-EE96-4D6B-B9A3-57777E9F0A9C} (ActiveFormX Element) - http://127.0.0.1/pryysfje/activex/common/b...o1984Viewer.ocx O16 - DPF: {C3D526DB-6593-4595-9162-10CC3F566EF9} (BMSPRX Control) - http://211.232.23.23/bmsprx.cab O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) - O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.be/clients/uploader_v2.1.0.56.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://webcam.geovision.com.tw/cab/DownloadFile_8110.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://207.59.215.18/activex/AMC.cab O16 - DPF: {E76AE961-79F2-4421-8275-EAF2AD85880E} (WebDvrClient Control) - http://193.251.182.45:8080/Cab/WebDvr.CAB O16 - DPF: {F9BF64A0-5A65-43E0-ACDB-B223E7F9DDD9} (WebWatch2 Control) - http://82.230.4.178:4200/WEBWATCH2.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O17 - HKLM\System\CCS\Services\Tcpip\..\{A655BD28-9770-43BF-9C0F-22A2A8CBA101}: NameServer = 195.238.2.21,195.238.2.22 O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O20 - Winlogon Notify: efcAqnNH - C:\WINDOWS\SYSTEM32\efcAqnNH.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: myDynIPPro - Rocon Software Ltd - f:\Program Files\Rocon Software\myDynIPPro\myDynIPPro.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- End of file - 17532 bytes

RESOLU de CHEZ RESOLU: voir: http://forum.zebulon.fr/resoluconnecte-via...er-t154024.html Merci.... à tout ceux qui se reconnaitront...

Re, çà y est le prob est résolu. Problème Hardware. Avec une autre clé similaire de même marque cela fonctionne. J'ai testé la clé qui pose prob sur un autre pc et même symptome çàd se connecte mais pas de ping... Au lieu de claquer complètement, elle a claqué partiellement. Cà j'avais jamais vu. Bien à vous et merci encore pour votre aide, Wisewise3 PS: Merci Marie et Apollo.

Re, je ne sais toujours pas comment faire cette "restauration de la couche réseau". Peux tu être plus clair? Merci WiseWise3

ok, je fais comment exactement pour restauration? Merci

Bonjour, oui il est bien activé avec mon portable pas de prob. J'ai même essayé en fixant ip de la cle wifi et en mettant les dns de mon FAI Rien à faire...