rozo78

limewire a certes été installé mais jamais utilisé...c'est donc curieux. Par ailleurs, aucune connexion a des sites pornographiques (sinon des fenêtres intempestives qui s'ouvrent. Donc effectivement je demande de l'aide, pas ce genre de réflexion qui ne m'avance en rien...

up ! (je sais que les rapports sont très longs mais j'ai vraiment besoin de votre aide !)

et mon combo fix : ComboFix 08-02.05.3 - PIERRE 2008-02-10 18:22:16.2 - NTFSx86 Endroit: C:\Documents and Settings\PIERRE\Local Settings\Temporary Internet Files\Content.IE58KKNWJO\ComboFix[1].exe AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-01-10 to 2008-02-10 )))))))))))))))))))))))))))))))))))) . 2008-02-10 17:06 . 2008-02-10 17:06 <REP> d-------- C:\Program Files\Trend Micro 2008-02-07 22:02 . 2008-02-09 23:31 <REP> d-------- C:\Program Files\winvi 2008-02-07 21:41 . 2008-02-07 15:42 74,137 --a------ C:\Program Files\uninstall_activeX.exe 2008-02-07 21:40 . 2007-11-21 01:04 218,496 -ra------ C:\Program Files\FlashUtil9e.exe 2008-02-07 20:36 . 2008-02-07 20:36 <REP> d-------- C:\Program Files\u320-en 2008-02-02 13:30 . 2008-02-02 13:30 <REP> d-------- C:\Program Files\Norton Security Scan 2008-02-01 23:07 . 2008-02-01 23:07 41 --a------ C:\WINDOWS\system32\blue.SITENAME 2008-02-01 22:37 . 2002-07-04 12:55 94,964 --a------ C:\WINDOWS\system32\drivers\Hlp.sys 2008-02-01 22:37 . 2008-02-01 22:39 184 --a------ C:\WINDOWS\edtinst.ini 2008-01-15 21:15 . 1998-07-30 14:54 2,123,776 --a------ C:\WINDOWS\system32\QuickTimeMusicalInstruments.qtx 2008-01-15 21:15 . 1998-03-20 12:00 969,216 --a------ C:\WINDOWS\system32\qd3d.dll 2008-01-15 21:15 . 1998-03-26 16:00 747,008 --a------ C:\WINDOWS\system32\Indeo4.qtx 2008-01-15 21:15 . 1998-03-20 12:00 596,992 --a------ C:\WINDOWS\system32\rave.dll 2008-01-15 21:15 . 1998-03-20 12:00 253,952 --a------ C:\WINDOWS\system32\QD3D_IR2.q3x 2008-01-15 21:15 . 1998-07-30 14:54 202,240 --a------ C:\WINDOWS\system32\QuickTime.cpl 2008-01-15 21:15 . 1998-03-20 12:00 126,976 --a------ C:\WINDOWS\system32\3DViewer.dll 2008-01-15 21:15 . 1998-03-20 12:00 44,032 --a------ C:\WINDOWS\system32\QD3DCustomElements.q3x 2008-01-15 21:15 . 1998-07-30 14:53 27,136 --a------ C:\WINDOWS\system32\QTUninst.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-10 17:03 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\StarOffice8 2008-02-10 16:54 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-02-10 16:43 374 ----a-w C:\Documents and Settings\PIERRE\Application Data\internaldb8467.dat 2008-02-10 16:37 555 ----a-w C:\Documents and Settings\PIERRE\Application Data\internaldb6334.dat 2008-02-10 16:37 18,432 ----a-w C:\Documents and Settings\PIERRE\Application Data\internaldb41.dat 2008-02-10 16:01 --------- d-----w C:\Program Files\LimeWire 2008-02-09 22:32 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-02-09 20:49 --------- dc----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-02-07 14:42 23,109 ----a-w C:\Program Files\install.log 2008-02-06 16:38 --------- dc----w C:\Documents and Settings\All Users\Application Data\Sony Corporation 2008-02-06 16:37 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\Sony Corporation 2008-02-06 16:01 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-06 15:56 --------- d-----w C:\Program Files\Sony 2008-01-28 20:48 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\Skype 2008-01-28 17:45 --------- d-----w C:\Documents and Settings\PIERRE\Application Data\skypePM 2008-01-17 20:58 --------- d-----w C:\Program Files\WinTV 2008-01-17 20:58 --------- d-----w C:\Program Files\vtplus 2008-01-15 20:15 --------- d-----w C:\Program Files\QuickTime 2008-01-08 21:32 --------- d-----w C:\Program Files\Incomplete 2007-12-27 22:27 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf 2007-12-27 22:27 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_Spyder3_01001.Wdf 2007-12-27 22:20 --------- d-----w C:\Program Files\Datacolor 2007-12-26 19:20 --------- d-----w C:\Program Files\Fichiers communs\xing shared 2007-12-26 19:20 --------- d-----w C:\Program Files\Fichiers communs\Real 2007-12-16 17:20 --------- d-----w C:\Program Files\LeechFTP 2007-12-16 16:10 18,944 ----a-w C:\WINDOWS\eraser.exe 2007-12-10 21:10 10,884,472 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe 2007-12-10 21:10 --------- d-----w C:\Program Files\Illustrate 2007-12-09 18:04 675,579 ----a-w C:\WINDOWS\PROGRAM.exe 2007-12-09 18:04 363,980 ----a-w C:\WINDOWS\1-fe5e180d56ed9c233080898276c260cc.exe 2007-12-09 18:04 203,592 ----a-w C:\WINDOWS\distro_SelectRebatesSetup_um1001.exe 2007-12-09 18:04 139,264 ----a-w C:\WINDOWS\MirarDownloader_876260.exe 2007-11-28 18:55 40,737 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe 2007-11-21 00:04 2,987,392 ----a-r C:\Program Files\Flash9e.ocx 2007-11-19 22:33 102,400 ----a-w C:\WINDOWS\MBDownloader_876932.exe 2007-11-17 16:14 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat 2007-03-16 16:54 20 -c-h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT 2007-02-27 19:58 1,764,352 ----a-w C:\Program Files\epson1138eu.exe 2007-02-27 19:57 5,897,728 ----a-w C:\Program Files\epson5060eu.exe 2006-08-01 21:55 824,824 ----a-w C:\Program Files\sonicstageinstaller.exe 2006-04-15 21:51 548,730 ----a-w C:\Program Files\u320-en.zip 2005-11-23 22:09 611,954 ----a-w C:\Program Files\u340-en.zip 2005-11-20 13:28 9,663,232 ----a-w C:\Program Files\OutlookExpress506FRA.bin 2005-11-20 13:23 8,274,695 ----a-w C:\Program Files\vlc-0.8.2-win32.exe 2005-11-02 20:32 7,256,768 ----a-w C:\Program Files\SkypeSetup.exe 2005-09-17 16:31 11,284,970 ----a-w C:\Program Files\cdbxp_setup_3.0.116.zip 2005-08-27 12:38 1,435,272 ----a-w C:\Program Files\Flash8.ocx 2005-04-21 13:28 6,144 --sha-w C:\Program Files\Thumbs.db 2004-12-16 11:01 8,273 ----a-w C:\Program Files\snylcd53.cat 2004-12-10 20:20 2,824 ----a-w C:\Program Files\HS95P_65.icm 2004-12-10 19:52 2,824 ----a-w C:\Program Files\HS95P_93.icm 2004-11-30 16:39 1,636 ----a-w C:\Program Files\SnyLCD53.inf 2004-10-24 21:39 1,112 ----a-w C:\Documents and Settings\PIERRE\Application Data\ViewerApp.dat 2004-08-22 12:22 3,844,558 ----a-w C:\Program Files\SFF-6.2.1d9(DCPRO).exe 2004-08-21 20:30 718,556 ----a-w C:\Program Files\PIMForC3D35Patch.zip 2004-06-20 10:01 9,304,688 ----a-w C:\Program Files\MPSetupXP.exe 2004-06-06 17:08 4,474,271 ----a-w C:\Program Files\it222fra.exe 2004-06-03 19:42 59,992 ----a-w C:\Program Files\msnaddin.exe 2004-06-02 19:58 21,386,357 ----a-w C:\Program Files\dwmx2004_701update_fr.exe 2004-05-25 11:30 836,608 ----a-w C:\Program Files\iview385.exe 2003-09-22 13:16 9,982,321 ----a-w C:\Program Files\illumi153_fr.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266A3562-AB67-480E-9F09-D54604FD817B}] 2007-08-20 18:58 75264 --a------ C:\WINDOWS\system32\ninjaext.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26E45419-7205-4fac-BBFE-174BC7337A79}] C:\WINDOWS\system32\nsbDC0.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360] "LDM"="C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2004-11-13 21:02 20480] "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-05-08 04:17 81920] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-09 20:10 68856] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 08:59 204288] "WinUpdater"="C:\Program Files\winvi\update.exe" [2008-02-07 19:12 174143] "WebSUpdater"="C:\Program Files\winvi\wupda.exe" [2008-02-07 19:12 198185] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ZPOINT32"="C:\WINDOWS\system32\ZPOINT32.exe" [2002-07-04 13:49 20480] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-11-14 22:04 100056] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-05-25 22:02 86016] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-05-25 22:02 6746112] "IW Controlcenter"="C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE" [2002-07-29 15:18 750592] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-06-26 01:32 172032] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-18 18:55 49152] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 14:18 241664] "URLLSTCK.exe"="C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe" [2004-01-27 15:58 70760] "nwiz"="nwiz.exe" [2005-05-25 22:02 1519616 C:\WINDOWS\system32\nwiz.exe] "EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2001-12-20 09:42 35328] "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 09:33 892928] "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2003-12-03 17:18 20480] "WooCnxMon"="C:\PROGRA~1\Wanadoo\CnxMon.exe" [2002-11-12 16:34 24576] "SoundMan"="SOUNDMAN.EXE" [2003-06-10 12:12 55296 C:\WINDOWS\SOUNDMAN.EXE] "RoxioEngineUtility"="C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" [2003-05-01 18:44 65536] "RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2004-10-13 22:40 868352] "RoxioAudioCentral"="C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-07-15 12:36 319488] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-04 23:00 282624] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-06-14 15:24 278528] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2006-04-04 10:55 71304] "Advanced Tools Check"="C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE" [2003-08-20 11:55 74896] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 00:18 57344] "Acecad.Wtxpload"="C:\WINDOWS\Acecad\Wtxpload.exe" [2005-04-30 23:14 57344] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\TaskbarIcon.exe" [2003-12-03 17:18 53248] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-06-14 18:32 132760] "Auto Run Software for Photo Frame"="" [] "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984] "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832] "postSetupCheck"="C:\WINDOWS\system32" [2008-02-10 18:30 0] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-12-26 20:19 185632] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2005-01-27 14:59 263776] "Symantec Network Driver Update Warning"="C:\PROGRA~1\Symantec\LIVEUP~1\SNDWarn.EXE" [2004-04-30 17:02 91256] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SRUUninstall"="C:\WINDOWS\System32\msiexec.exe" [2005-03-21 14:00 78848] R1 Asapi;ASAPI;C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 20:27] R1 cdrdrv;cdrdrv;C:\WINDOWS\system32\drivers\cdrdrv.sys [2002-07-26 14:32] R1 hlp;FAST HLP Driver;C:\WINDOWS\system32\Drivers\Hlp.Sys [2002-07-04 12:55] R1 lstone;Pinnacle Systems DV500 Overlay;C:\WINDOWS\system32\DRIVERS\lstone2k.sys [2002-06-27 15:20] R1 MemAlloc;MemAlloc;C:\WINDOWS\system32\drivers\memalloc.sys [2002-06-06 15:08] R1 vobcom;vobcom;C:\WINDOWS\system32\drivers\vobcom.sys [2001-10-04 11:53] R1 vobiw;vobiw;C:\WINDOWS\system32\drivers\vobiw.sys [2002-08-09 16:23] R2 V7;V7;C:\WINDOWS\system32\drivers\V7.sys [2000-03-10 01:24] R3 EPUSBSTOR;EPSON USB Storage Driver;C:\WINDOWS\system32\DRIVERS\epusbsto.sys [2001-09-10 00:00] R3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 11:35] R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver;C:\WINDOWS\system32\drivers\HCWBT8XX.sys [2004-10-08 20:04] R3 NPDriver;Norton Unerase Protection Driver;C:\WINDOWS\system32\Drivers\NPDRIVER.SYS [2002-08-14 06:03] R3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2004-02-14 05:09] R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08] R3 W2acehid;Acecad HID;C:\WINDOWS\system32\DRIVERS\w2acehid.sys [2005-05-02 22:35] R3 Wtcls2k;Wtcls2k;C:\WINDOWS\system32\DRIVERS\wtcls2k.sys [2005-05-01 02:19] S0 NVDual;NVDual;C:\WINDOWS\system32\DRIVERS\nvDual.sys [] S2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys [2002-03-22 12:07] S2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2002-03-22 12:07] S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2002-03-22 12:07] S2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2002-03-22 12:07] S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys [] S3 Msteptisvasd;Msteptisvasd;C:\WINDOWS\system32\drivers\LMouFlt2.sys [2001-12-19 10:42] S3 Spyder3;Datacolor Spyder3;C:\WINDOWS\system32\DRIVERS\Spyder3.sys [2007-10-10 00:53] S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58] S3 WFsys;WinFox Control I/O Driver;C:\WINDOWS\system32\DRIVERS\wfsys.sys [2002-04-22 15:15] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f84af05c-c920-11d9-a297-0007cb0000ff}] \Shell\AutoRun\command - G:\setupSNK.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-02-09 18:02:18 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - PIERRE.job" - C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.EXEh/task: "2008-02-08 21:55:03 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur.job" - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task: "2008-02-02 12:30:08 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Program Files\Norton Security Scan\Nss.exe "2008-02-10 14:05:55 C:\WINDOWS\Tasks\Symantec NetDetect.job" - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-10 18:31:00 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-02-10 18:32:28 ComboFix-quarantined-files.txt 2008-02-10 17:32:23 ComboFix2.txt 2008-02-10 16:51:28 . 2008-01-09 23:12:15 --- E O F --- que faire maintenant ????

et voici mon rapport MSNFix MSNFix 1.657 C:\Documents and Settings\PIERRE\Bureau\MSNFix\MSNFix Fix exécuté le 10/02/2008 - 18:06:16,73 By PIERRE mode normal ************************ Recherche les fichiers présents Aucun Fichier trouvé ************************ Recherche les dossiers présents ... C:\Temp\ ************************ Suppression des fichiers ************************ Suppression des dossiers /!\ ... C:\Temp\ ************************ Nettoyage du registre ************************ Fichiers suspects Aucun Fichier trouvé Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 10022008_18081978.zip Information ...... Information ...... Information ...... /!\ /!\ MSNFix n'est pas affilié a livekill CleanMessenger /!\ /!\ Ce pseudo antivirus copie les bases de MSNFix pour se tenir a jour /!\ /!\ MSNFix is not affiliated with Livekill CleanMessenger /!\ /!\ ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END ---------------------------------------------

Bonjour, depuis 2 jours, mon PC est infecté. Mon fond d'écran est remplacé par des fonds d'écran qui changent chaque jour et une fenêtre type publicitaire s'ouvre également sans que je ne puisse la fermer. De plus j'ai des messages d'alerte qui apparaissent lorsque je me connecte au net. J'ai Norton d'installé mais il ne détecte rien du tout. voici mon rapport HiJack This (très long !) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:06:46, on 10/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Wintab32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ZPOINT32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\winvi\wupda.exe C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe C:\DOCUME~1\PIERRE\LOCALS~1\Temp\bwgo00016193.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\Sun\StarOffice 8\program\soffice.exe C:\Program Files\Sun\StarOffice 8\program\soffice.BIN C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe c:\program files\internet explorer\iexplore.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.us-start.com/start.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing) O2 - BHO: trafficninja.biz extension - {266A3562-AB67-480E-9F09-D54604FD817B} - C:\WINDOWS\system32\ninjaext.dll O2 - BHO: ads_optimizer - {26E45419-7205-4fac-BBFE-174BC7337A79} - C:\WINDOWS\system32\nsbDC0.dll (file missing) O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\UpMedia\ContentTool.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [ZPOINT32] C:\WINDOWS\system32\ZPOINT32.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iW Controlcenter] C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [sRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user') O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON CardMonitor.lnk = ? O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - http://esupport.epson-europe.com/ePC/activex/EpsonSetup.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-48.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://mouchailloux.spaces.live.com//Photo...ad/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1146921266750 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/ac.../ActiveData.cab O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/es/SysWebTelecom.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab O18 - Protocol: bw+0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Msteptisvasd - Logitech - C:\WINDOWS\system32\drivers\LMouFlt2.sys O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE O23 - Service: WinFast® Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: NexTab (Wintab32) - Unknown owner - C:\WINDOWS\system32\Wintab32.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/PIERRE/LOCALS~1/Temp/msoclip1/01/clip_image002.gif -- End of file - 30816 bytes merci pour votre aide !!!

me suis trompée de rubrique, je vais sur analyse des rapports ! oups

Bonjour, depuis 2 jours, mon PC est infecté. Mon fond d'écran est remplacé par des fonds d'écran qui changent chaque jour et une fenêtre type publicitaire s'ouvre également sans que je ne puisse la fermer. De plus j'ai des messages d'alerte qui apparaissent lorsque je me connecte au net. J'ai Norton d'installé mais il ne détecte rien du tout. voici mon rapport HiJack This (très long !) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:06:46, on 10/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Wintab32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ZPOINT32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\winvi\wupda.exe C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe C:\DOCUME~1\PIERRE\LOCALS~1\Temp\bwgo00016193.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\Sun\StarOffice 8\program\soffice.exe C:\Program Files\Sun\StarOffice 8\program\soffice.BIN C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe c:\program files\internet explorer\iexplore.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.us-start.com/start.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing) O2 - BHO: trafficninja.biz extension - {266A3562-AB67-480E-9F09-D54604FD817B} - C:\WINDOWS\system32\ninjaext.dll O2 - BHO: ads_optimizer - {26E45419-7205-4fac-BBFE-174BC7337A79} - C:\WINDOWS\system32\nsbDC0.dll (file missing) O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\UpMedia\ContentTool.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [ZPOINT32] C:\WINDOWS\system32\ZPOINT32.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iW Controlcenter] C:\PROGRA~1\INSTAN~1\INSTAN~1\IWCTRL.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [sRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user') O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON CardMonitor.lnk = ? O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {0A46CB52-CFA0-4E78-A181-948D5E361BE3} (EpsonObj Class) - http://esupport.epson-europe.com/ePC/activex/EpsonSetup.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-48.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://mouchailloux.spaces.live.com//Photo...ad/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1146921266750 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/ac.../ActiveData.cab O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/es/SysWebTelecom.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab O18 - Protocol: bw+0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {3FC8CD92-7F82-4B27-BED1-D054B123ABD2} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Msteptisvasd - Logitech - C:\WINDOWS\system32\drivers\LMouFlt2.sys O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE O23 - Service: WinFast® Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: NexTab (Wintab32) - Unknown owner - C:\WINDOWS\system32\Wintab32.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/PIERRE/LOCALS~1/Temp/msoclip1/01/clip_image002.gif -- End of file - 30816 bytes merci pour votre aide !!!

voici le dernier rapport : ComboFix 07-11-19.3 - Pierre 2007-11-25 1:23:35.3 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.669 [GMT 1:00] Running from: C:\Documents and Settings\Pierre\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Pierre\Bureau\CFScript.txt * Created a new restore point FILE C:\WINDOWS\system32\adssite-remove.exe C:\WINDOWS\system32\ajtuhkoc.dll C:\WINDOWS\system32\cokhutja.ini C:\WINDOWS\system32\dokbnvjg.exe C:\WINDOWS\system32\dqmamegg.exe C:\WINDOWS\system32\fccywus.dll C:\WINDOWS\system32\gavhtkaw.exe C:\WINDOWS\system32\gzmrot-uninst.exe C:\WINDOWS\system32\gzmrotate.dll C:\WINDOWS\system32\hgghecd.dll C:\WINDOWS\system32\hobbtpyp.ini C:\WINDOWS\system32\iibdngvc.exe C:\WINDOWS\system32\jairtkxh.dll C:\WINDOWS\system32\kfatroup.dll C:\WINDOWS\system32\lifdwahl.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\muprcnnq.exe C:\WINDOWS\system32\pnovhclv.ini C:\WINDOWS\system32\qktfioqy.dll C:\WINDOWS\system32\rightonadz-uninst.exe C:\WINDOWS\system32\rqrqqqo.dll C:\WINDOWS\system32\srbbabye.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\adssite-remove.exe C:\WINDOWS\system32\ajtuhkoc.dll C:\WINDOWS\system32\cokhutja.ini C:\WINDOWS\system32\dokbnvjg.exe C:\WINDOWS\system32\dqmamegg.exe C:\WINDOWS\system32\fccywus.dll C:\WINDOWS\system32\gavhtkaw.exe C:\WINDOWS\system32\gzmrot-uninst.exe C:\WINDOWS\system32\gzmrotate.dll C:\WINDOWS\system32\hgghecd.dll C:\WINDOWS\system32\hobbtpyp.ini C:\WINDOWS\system32\iibdngvc.exe C:\WINDOWS\system32\jairtkxh.dll C:\WINDOWS\system32\kfatroup.dll C:\WINDOWS\system32\lifdwahl.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\muprcnnq.exe C:\WINDOWS\system32\pnovhclv.ini C:\WINDOWS\system32\qktfioqy.dll C:\WINDOWS\system32\rightonadz-uninst.exe C:\WINDOWS\system32\rqrqqqo.dll C:\WINDOWS\system32\srbbabye.dll . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-25 to 2007-11-25 )))))))))))))))))))))))))))))))))))) . 2007-11-25 00:05 <REP> d-------- C:\VundoFix Backups 2007-11-24 23:40 <REP> d-------- C:\WINDOWS\ERUNT 2007-11-20 22:09 <REP> d-------- C:\Program Files\VideoLAN 2007-11-18 10:13 4,180 --a------ C:\WINDOWS\system32\tmp.reg 2007-11-18 10:13 0 --a------ C:\WINDOWS\system32\tmp.txt 2007-11-17 23:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-11-17 23:06 <REP> d-------- C:\WINDOWS\Internet Logs 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents 2007-11-17 22:47 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau 2007-11-11 21:54 <REP> d-------- C:\Documents and Settings\Photos\anniversaire mamie dd 2007 2007-11-11 16:53 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll 2007-11-11 13:07 <REP> d-------- C:\Documents and Settings\Pierre\Application Data\Zylom 2007-11-11 13:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom 2007-11-10 22:02 65,941 -ra------ C:\WINDOWS\system32\MLSEE.TTF 2007-11-10 22:02 65,155 -ra------ C:\WINDOWS\system32\MLSEG.TTF 2007-11-10 22:02 64,585 -ra------ C:\WINDOWS\system32\MLSEF.TTF 2007-11-10 22:02 63,892 -ra------ C:\WINDOWS\system32\MLSEH.TTF 2007-11-10 22:01 63,276 -ra------ C:\WINDOWS\system32\FLATBEBI.TTF 2007-11-10 22:01 61,636 -ra------ C:\WINDOWS\system32\FLATBEI_.TTF 2007-11-10 22:01 60,756 -ra------ C:\WINDOWS\system32\FLATBEB_.TTF 2007-11-10 22:01 57,972 -ra------ C:\WINDOWS\system32\FLATBEN_.TTF 2007-11-10 22:01 48,432 -ra------ C:\WINDOWS\system32\MLSJB.TTF 2007-11-10 21:53 75,520 -ra------ C:\WINDOWS\system32\VALHI___.TTF 2007-11-10 21:53 71,792 -ra------ C:\WINDOWS\system32\VALHN___.TTF 2007-11-10 21:53 70,784 -ra------ C:\WINDOWS\system32\VALHBI__.TTF 2007-11-10 21:53 67,884 -ra------ C:\WINDOWS\system32\VALHB___.TTF 2007-11-10 21:53 64,324 -ra------ C:\WINDOWS\system32\UPPERR__.TTF 2007-11-10 21:51 77,304 -ra------ C:\WINDOWS\system32\SNOWCAPS.TTF 2007-11-10 21:51 62,256 -ra------ C:\WINDOWS\system32\SCROI___.TTF 2007-11-10 21:51 59,680 -ra------ C:\WINDOWS\system32\SCROBI__.TTF 2007-11-10 21:51 56,620 -ra------ C:\WINDOWS\system32\SCRON___.TTF 2007-11-10 21:51 54,936 -ra------ C:\WINDOWS\system32\SCROB___.TTF 2007-11-10 21:51 41,248 -ra------ C:\WINDOWS\system32\SHADER__.TTF 2007-11-10 21:51 25,200 -ra------ C:\WINDOWS\system32\SLASHR__.TTF 2007-11-10 21:50 108,212 -ra------ C:\WINDOWS\system32\RASP____.TTF 2007-11-10 21:50 80,760 -ra------ C:\WINDOWS\system32\RASPI___.TTF 2007-11-10 21:50 65,692 -ra------ C:\WINDOWS\system32\MLSGY.TTF 2007-11-10 21:50 61,076 -ra------ C:\WINDOWS\system32\RACEI___.TTF 2007-11-10 21:50 59,092 -ra------ C:\WINDOWS\system32\RACEBI__.TTF 2007-11-10 21:50 54,620 -ra------ C:\WINDOWS\system32\RACEN___.TTF 2007-11-10 21:50 53,740 -ra------ C:\WINDOWS\system32\RACEB___.TTF 2007-11-10 21:50 41,528 -ra------ C:\WINDOWS\system32\PRAWNHN.TTF 2007-11-10 21:45 87,548 -ra------ C:\WINDOWS\system32\PALAN___.TTF 2007-11-10 21:45 86,644 -ra------ C:\WINDOWS\system32\PALAI___.TTF 2007-11-10 21:43 248,760 -ra------ C:\WINDOWS\system32\LINENSTR.TTF 2007-11-10 21:43 74,772 -ra------ C:\WINDOWS\system32\LIBEN___.TTF 2007-11-10 21:43 71,072 -ra------ C:\WINDOWS\system32\LIBEB___.TTF 2007-11-10 21:42 160,180 -ra------ C:\WINDOWS\system32\HOTTAML.TTF 2007-11-10 21:42 56,276 -ra------ C:\WINDOWS\system32\HANDSLR.TTF 2007-11-10 21:41 181,504 -ra------ C:\WINDOWS\system32\GREMI___.TTF 2007-11-10 21:41 174,212 -ra------ C:\WINDOWS\system32\GREMN___.TTF 2007-11-10 21:41 105,352 -ra------ C:\WINDOWS\system32\GHOULC.TTF 2007-11-10 21:41 76,928 -ra------ C:\WINDOWS\system32\GHANI___.TTF 2007-11-10 21:41 72,228 -ra------ C:\WINDOWS\system32\GHANBI__.TTF 2007-11-10 21:41 69,848 -ra------ C:\WINDOWS\system32\GAZEI___.TTF 2007-11-10 21:41 69,636 -ra------ C:\WINDOWS\system32\GHANN___.TTF 2007-11-10 21:41 67,448 -ra------ C:\WINDOWS\system32\GHANB___.TTF 2007-11-10 21:41 67,224 -ra------ C:\WINDOWS\system32\GAZEBI__.TTF 2007-11-10 21:41 65,408 -ra------ C:\WINDOWS\system32\GAZEN___.TTF 2007-11-10 21:41 63,256 -ra------ C:\WINDOWS\system32\GAZEB___.TTF 2007-11-10 21:40 60,208 -ra------ C:\WINDOWS\system32\FLETEBI_.TTF 2007-11-10 21:39 60,084 -ra------ C:\WINDOWS\system32\FLETBI__.TTF 2007-11-10 21:39 55,764 -ra------ C:\WINDOWS\system32\FLETB___.TTF 2007-11-10 21:39 42,548 -ra------ C:\WINDOWS\system32\ELMORE.TTF 2007-11-10 21:39 29,236 -ra------ C:\WINDOWS\system32\FAIRY.TTF 2007-11-10 21:38 64,360 -ra------ C:\WINDOWS\system32\MLSIG.TTF 2007-11-10 21:37 100,612 -ra------ C:\WINDOWS\system32\COWBOZ__.TTF 2007-11-10 21:37 94,096 -ra------ C:\WINDOWS\system32\COWBOI__.TTF 2007-11-10 21:37 89,432 -ra------ C:\WINDOWS\system32\COWBOB__.TTF 2007-11-10 21:37 83,036 -ra------ C:\WINDOWS\system32\COWBOR__.TTF 2007-11-10 21:36 57,304 -ra------ C:\WINDOWS\system32\MLSIY.TTF 2007-11-10 21:35 86,856 -ra------ C:\WINDOWS\system32\BARTI___.TTF 2007-11-10 21:35 84,576 -ra------ C:\WINDOWS\system32\BARTN___.TTF 2007-11-10 21:35 82,996 -ra------ C:\WINDOWS\system32\BARTBI__.TTF 2007-11-10 21:35 81,312 -ra------ C:\WINDOWS\system32\BARTB___.TTF 2007-11-10 21:35 73,688 -ra------ C:\WINDOWS\system32\BEESB___.TTF 2007-11-10 21:35 71,236 -ra------ C:\WINDOWS\system32\BEESN___.TTF 2007-11-10 21:35 59,904 -ra------ C:\WINDOWS\system32\BERNIZ__.TTF 2007-11-10 21:35 53,372 -ra------ C:\WINDOWS\system32\BERNIB__.TTF 2007-11-10 21:35 51,728 -ra------ C:\WINDOWS\system32\BERNII__.TTF 2007-11-10 21:35 47,004 -ra------ C:\WINDOWS\system32\BERNIR__.TTF 2007-11-10 21:34 87,388 -ra------ C:\WINDOWS\system32\AMAZZ___.TTF 2007-11-10 21:34 83,944 -ra------ C:\WINDOWS\system32\ASIAN___.TTF 2007-11-10 21:34 81,052 -ra------ C:\WINDOWS\system32\AMAZI___.TTF 2007-11-10 21:34 80,376 -ra------ C:\WINDOWS\system32\AMAZB___.TTF 2007-11-10 21:34 74,144 -ra------ C:\WINDOWS\system32\AMAZR___.TTF 2007-11-10 21:34 66,976 -ra------ C:\WINDOWS\system32\AMOSI___.TTF 2007-11-10 21:34 64,156 -ra------ C:\WINDOWS\system32\AMOSBI__.TTF 2007-11-10 21:34 60,464 -ra------ C:\WINDOWS\system32\AMOSN___.TTF 2007-11-10 21:34 59,012 -ra------ C:\WINDOWS\system32\AMOSB___.TTF 2007-11-10 21:33 73,700 -ra------ C:\WINDOWS\system32\AIDABI__.TTF 2007-11-10 21:33 42,941 -ra------ C:\WINDOWS\system32\MLSBP.TTF 2007-11-10 21:33 42,774 -ra------ C:\WINDOWS\system32\MLSBR.TTF 2007-11-10 21:33 42,276 -ra------ C:\WINDOWS\system32\MLSBQ.TTF 2007-11-10 21:33 41,976 -ra------ C:\WINDOWS\system32\MLSBO.TTF . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-18 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-11-18 10:56 --------- d-----w C:\Program Files\Trend Micro 2007-11-17 20:48 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Roxio 2007-11-17 07:47 --------- d-----w C:\Program Files\Boonty 2007-11-17 07:39 19,834 ----a-w C:\WINDOWS\Prefetch\vundo.exe 2007-11-16 15:57 --------- d-----w C:\Documents and Settings\Pierre\Application Data\PlayFirst 2007-11-10 20:00 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-13 11:43 --------- d-----w C:\Program Files\iTunes 2007-10-13 11:43 --------- d-----w C:\Program Files\iPod 2007-10-13 11:41 --------- d-----w C:\Program Files\QuickTime 2007-10-13 11:38 --------- d-----w C:\Program Files\Fichiers communs\Apple 2007-10-13 11:36 --------- d-----w C:\Program Files\Apple Software Update 2007-10-13 11:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2007-10-12 13:55 --------- d-----w C:\Program Files\Fichiers communs\xing shared 2007-09-30 20:19 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-09-30 18:35 25,839,688 ----a-w C:\Documents and Settings\COMPTABILITE\wmp11-windowsxp-x86-FR-FR.exe 2007-09-14 12:24 364 ----a-w C:\drmHeader.bin 2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr . ((((((((((((((((((((((((((((( snapshot@2007-11-22_20.32.01.50 ))))))))))))))))))))))))))))))))))))))))) . + 2007-11-23 12:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2007-11-24 22:40:40 5,910,528 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat + 2007-11-24 22:40:41 245,760 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2007-11-23 12:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2007-11-24 22:40:27 5,910,528 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat + 2007-11-24 22:40:27 245,760 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat + 2007-11-25 00:25:39 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5f0.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 06:36 C:\WINDOWS\RTHDCPL.exe] "NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-12-10 03:06 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 17:35] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-09-03 17:16] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43] "RoxioEngineUtility"="C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" [2003-05-01 17:44] "RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-07-16 23:19] "RoxioAudioCentral"="C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-07-15 11:36] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06] "Adobe Photo Downloader"="C:\Program Files\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 00:18] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-12 14:54] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00] R1 DVDVRRdr_xp;DVDVRRdr_xp;C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys R3 PAC207;SoC PC-Camera Beta3;C:\WINDOWS\system32\DRIVERS\pfc027.sys R3 SunkFilt62;Alcor Micro Corp - 6362;\??\C:\WINDOWS\System32\Drivers\sunkfilt62.sys S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe S3 netrcacm;RCA USB Digital Cable Modem Driver;C:\WINDOWS\system32\DRIVERS\netrcacm.sys S3 SunkFilt6;Alcor Micro Corp - 6360;\??\C:\WINDOWS\System32\Drivers\sunkfilt6.sys S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-11-16 16:22:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-25 01:26:03 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-25 1:27:00 - machine was rebooted C:\ComboFix2.txt ... 2007-11-25 00:47 C:\ComboFix3.txt ... 2007-11-22 20:32 . --- E O F --- bon bah pr les changements des mots de passe, il y a du boulot...arghhh

coucou, alors j'ai lancé vundo 1 première fois et bien que tu m'aies prévenue que ça pouvait être assez long...c'était vraiment très long (mon pc a dû planter, le programme ne répondait plus). J'ai relancé la machine et relancé vundo et là ça m'a dit qu'aucun fichier n'était infecté !!! Et voici le rapport combofix : ComboFix 07-11-19.3 - Pierre 2007-11-25 0:45:39.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.597 [GMT 1:00] Running from: C:\Documents and Settings\Pierre\Local Settings\Temporary Internet Files\Content.IE5\W7YJAZC5\ComboFix[1].exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk C:\Documents and Settings\Pierre\Bureau\Live Safety Center.lnk C:\Documents and Settings\Pierre\Bureau\Online Security Guide.lnk C:\Documents and Settings\Pierre\Favoris\Online Security Guide.lnk . ((((((((((((((((((((((((((((( Fichiers créés 2007-10-24 to 2007-11-24 )))))))))))))))))))))))))))))))))))) . 2007-11-25 00:05 <REP> d-------- C:\VundoFix Backups 2007-11-24 23:40 <REP> d-------- C:\WINDOWS\ERUNT 2007-11-21 22:55 773,301 ---hs---- C:\WINDOWS\system32\cokhutja.ini 2007-11-21 22:49 80,960 --a------ C:\WINDOWS\system32\jairtkxh.dll 2007-11-21 22:44 71,232 --a------ C:\WINDOWS\system32\iibdngvc.exe 2007-11-20 22:09 <REP> d-------- C:\Program Files\VideoLAN 2007-11-20 19:45 826,963 ---hs---- C:\WINDOWS\system32\hobbtpyp.ini 2007-11-20 12:52 74,752 --a------ C:\WINDOWS\system32\gzmrotate.dll 2007-11-19 19:39 828,141 ---hs---- C:\WINDOWS\system32\lifdwahl.ini 2007-11-19 19:37 83,008 --a------ C:\WINDOWS\system32\kfatroup.dll 2007-11-18 10:13 4,180 --a------ C:\WINDOWS\system32\tmp.reg 2007-11-18 10:13 0 --a------ C:\WINDOWS\system32\tmp.txt 2007-11-18 09:27 71,232 --a------ C:\WINDOWS\system32\gavhtkaw.exe 2007-11-17 23:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-11-17 23:06 <REP> d-------- C:\WINDOWS\Internet Logs 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents 2007-11-17 22:47 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau 2007-11-17 22:00 82,496 --a------ C:\WINDOWS\system32\qktfioqy.dll 2007-11-17 21:57 678,621 ---hs---- C:\WINDOWS\system32\pnovhclv.ini 2007-11-17 21:51 71,232 --a------ C:\WINDOWS\system32\muprcnnq.exe 2007-11-17 08:23 36,352 --a------ C:\WINDOWS\system32\hgghecd.dll 2007-11-16 21:33 143 --a------ C:\WINDOWS\system32\mcrh.tmp 2007-11-16 15:58 36,352 --a------ C:\WINDOWS\system32\fccywus.dll 2007-11-15 20:34 36,352 --a------ C:\WINDOWS\system32\rqrqqqo.dll 2007-11-11 21:54 <REP> d-------- C:\Documents and Settings\Photos\anniversaire mamie dd 2007 2007-11-11 16:53 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll 2007-11-11 13:07 <REP> d-------- C:\Documents and Settings\Pierre\Application Data\Zylom 2007-11-11 13:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom 2007-11-10 22:03 78,052 -ra------ C:\WINDOWS\system32\KOSHZ___.TTF 2007-11-10 22:03 71,324 -ra------ C:\WINDOWS\system32\KOSHB___.TTF 2007-11-10 22:03 69,592 -ra------ C:\WINDOWS\system32\KOSHI___.TTF 2007-11-10 22:03 64,764 -ra------ C:\WINDOWS\system32\KELTWI__.TTF 2007-11-10 22:03 62,668 -ra------ C:\WINDOWS\system32\KOSHR___.TTF 2007-11-10 22:03 61,540 -ra------ C:\WINDOWS\system32\KELTWBI_.TTF 2007-11-10 22:03 58,356 -ra------ C:\WINDOWS\system32\KELTWN__.TTF 2007-11-10 22:03 57,068 -ra------ C:\WINDOWS\system32\KELTWB__.TTF 2007-11-10 22:02 65,941 -ra------ C:\WINDOWS\system32\MLSEE.TTF 2007-11-10 22:02 65,155 -ra------ C:\WINDOWS\system32\MLSEG.TTF 2007-11-10 22:02 64,585 -ra------ C:\WINDOWS\system32\MLSEF.TTF 2007-11-10 22:02 63,892 -ra------ C:\WINDOWS\system32\MLSEH.TTF 2007-11-10 22:01 63,276 -ra------ C:\WINDOWS\system32\FLATBEBI.TTF 2007-11-10 22:01 61,636 -ra------ C:\WINDOWS\system32\FLATBEI_.TTF 2007-11-10 22:01 60,756 -ra------ C:\WINDOWS\system32\FLATBEB_.TTF 2007-11-10 22:01 57,972 -ra------ C:\WINDOWS\system32\FLATBEN_.TTF 2007-11-10 22:01 48,432 -ra------ C:\WINDOWS\system32\MLSJB.TTF 2007-11-10 21:53 75,520 -ra------ C:\WINDOWS\system32\VALHI___.TTF 2007-11-10 21:53 71,792 -ra------ C:\WINDOWS\system32\VALHN___.TTF 2007-11-10 21:53 70,784 -ra------ C:\WINDOWS\system32\VALHBI__.TTF 2007-11-10 21:53 67,884 -ra------ C:\WINDOWS\system32\VALHB___.TTF 2007-11-10 21:53 64,324 -ra------ C:\WINDOWS\system32\UPPERR__.TTF 2007-11-10 21:51 77,304 -ra------ C:\WINDOWS\system32\SNOWCAPS.TTF 2007-11-10 21:51 62,256 -ra------ C:\WINDOWS\system32\SCROI___.TTF 2007-11-10 21:51 59,680 -ra------ C:\WINDOWS\system32\SCROBI__.TTF 2007-11-10 21:51 56,620 -ra------ C:\WINDOWS\system32\SCRON___.TTF 2007-11-10 21:51 54,936 -ra------ C:\WINDOWS\system32\SCROB___.TTF 2007-11-10 21:51 41,248 -ra------ C:\WINDOWS\system32\SHADER__.TTF 2007-11-10 21:51 25,200 -ra------ C:\WINDOWS\system32\SLASHR__.TTF 2007-11-10 21:50 108,212 -ra------ C:\WINDOWS\system32\RASP____.TTF 2007-11-10 21:50 80,760 -ra------ C:\WINDOWS\system32\RASPI___.TTF 2007-11-10 21:50 65,692 -ra------ C:\WINDOWS\system32\MLSGY.TTF 2007-11-10 21:50 61,076 -ra------ C:\WINDOWS\system32\RACEI___.TTF 2007-11-10 21:50 59,092 -ra------ C:\WINDOWS\system32\RACEBI__.TTF 2007-11-10 21:50 54,620 -ra------ C:\WINDOWS\system32\RACEN___.TTF 2007-11-10 21:50 53,740 -ra------ C:\WINDOWS\system32\RACEB___.TTF 2007-11-10 21:50 41,528 -ra------ C:\WINDOWS\system32\PRAWNHN.TTF 2007-11-10 21:45 87,548 -ra------ C:\WINDOWS\system32\PALAN___.TTF 2007-11-10 21:45 86,644 -ra------ C:\WINDOWS\system32\PALAI___.TTF 2007-11-10 21:43 248,760 -ra------ C:\WINDOWS\system32\LINENSTR.TTF 2007-11-10 21:43 74,772 -ra------ C:\WINDOWS\system32\LIBEN___.TTF 2007-11-10 21:43 71,072 -ra------ C:\WINDOWS\system32\LIBEB___.TTF 2007-11-10 21:42 160,180 -ra------ C:\WINDOWS\system32\HOTTAML.TTF 2007-11-10 21:42 67,052 -ra------ C:\WINDOWS\system32\KEYSTR__.TTF 2007-11-10 21:42 56,276 -ra------ C:\WINDOWS\system32\HANDSLR.TTF 2007-11-10 21:40 60,208 -ra------ C:\WINDOWS\system32\FLETEBI_.TTF 2007-11-10 21:39 60,084 -ra------ C:\WINDOWS\system32\FLETBI__.TTF 2007-11-10 21:39 55,764 -ra------ C:\WINDOWS\system32\FLETB___.TTF 2007-11-10 21:39 42,548 -ra------ C:\WINDOWS\system32\ELMORE.TTF 2007-11-10 21:39 29,236 -ra------ C:\WINDOWS\system32\FAIRY.TTF 2007-11-10 21:38 64,360 -ra------ C:\WINDOWS\system32\MLSIG.TTF 2007-11-10 21:37 100,612 -ra------ C:\WINDOWS\system32\COWBOZ__.TTF 2007-11-10 21:37 94,096 -ra------ C:\WINDOWS\system32\COWBOI__.TTF 2007-11-10 21:37 89,432 -ra------ C:\WINDOWS\system32\COWBOB__.TTF 2007-11-10 21:37 83,036 -ra------ C:\WINDOWS\system32\COWBOR__.TTF 2007-11-10 21:36 57,304 -ra------ C:\WINDOWS\system32\MLSIY.TTF 2007-11-10 21:35 86,856 -ra------ C:\WINDOWS\system32\BARTI___.TTF 2007-11-10 21:35 84,576 -ra------ C:\WINDOWS\system32\BARTN___.TTF 2007-11-10 21:35 82,996 -ra------ C:\WINDOWS\system32\BARTBI__.TTF 2007-11-10 21:35 81,312 -ra------ C:\WINDOWS\system32\BARTB___.TTF 2007-11-10 21:35 73,688 -ra------ C:\WINDOWS\system32\BEESB___.TTF 2007-11-10 21:35 71,236 -ra------ C:\WINDOWS\system32\BEESN___.TTF 2007-11-10 21:35 59,904 -ra------ C:\WINDOWS\system32\BERNIZ__.TTF 2007-11-10 21:35 53,372 -ra------ C:\WINDOWS\system32\BERNIB__.TTF 2007-11-10 21:35 51,728 -ra------ C:\WINDOWS\system32\BERNII__.TTF 2007-11-10 21:35 47,004 -ra------ C:\WINDOWS\system32\BERNIR__.TTF 2007-11-10 21:34 87,388 -ra------ C:\WINDOWS\system32\AMAZZ___.TTF . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-21 21:55 85,056 ----a-w C:\WINDOWS\system32\ajtuhkoc.dll 2007-11-20 18:48 84,544 ----a-w C:\WINDOWS\system32\srbbabye.dll 2007-11-20 18:33 71,232 ----a-w C:\WINDOWS\system32\dqmamegg.exe 2007-11-20 16:34 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe 2007-11-19 18:31 71,232 ----a-w C:\WINDOWS\system32\dokbnvjg.exe 2007-11-18 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-11-18 10:56 --------- d-----w C:\Program Files\Trend Micro 2007-11-17 20:48 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Roxio 2007-11-17 07:47 --------- d-----w C:\Program Files\Boonty 2007-11-17 07:39 19,834 ----a-w C:\WINDOWS\Prefetch\vundo.exe 2007-11-16 16:52 79,875 ----a-w C:\WINDOWS\system32\adssite-remove.exe 2007-11-16 15:57 --------- d-----w C:\Documents and Settings\Pierre\Application Data\PlayFirst 2007-11-10 20:00 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-13 11:43 --------- d-----w C:\Program Files\iTunes 2007-10-13 11:43 --------- d-----w C:\Program Files\iPod 2007-10-13 11:41 --------- d-----w C:\Program Files\QuickTime 2007-10-13 11:38 --------- d-----w C:\Program Files\Fichiers communs\Apple 2007-10-13 11:36 --------- d-----w C:\Program Files\Apple Software Update 2007-10-13 11:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2007-10-12 13:55 --------- d-----w C:\Program Files\Fichiers communs\xing shared 2007-09-30 20:19 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-09-30 18:35 25,839,688 ----a-w C:\Documents and Settings\COMPTABILITE\wmp11-windowsxp-x86-FR-FR.exe 2007-09-14 12:24 364 ----a-w C:\drmHeader.bin 2007-09-11 18:01 39,881 ----a-w C:\WINDOWS\system32\gzmrot-uninst.exe 2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr . ((((((((((((((((((((((((((((( snapshot@2007-11-22_20.32.01.50 ))))))))))))))))))))))))))))))))))))))))) . + 2007-11-23 12:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2007-11-24 22:40:40 5,910,528 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat + 2007-11-24 22:40:41 245,760 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2007-11-23 12:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2007-11-24 22:40:27 5,910,528 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat + 2007-11-24 22:40:27 245,760 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat + 2007-11-24 23:29:43 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_694.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1EDB33D7-144C-449B-9E9B-E1F1FE1F1AF4}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6447127D-35D2-4B3A-B728-26D27D243A33}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}] 2007-11-20 12:52 74752 --a------ C:\WINDOWS\system32\gzmrotate.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E898F6E2-A987-401F-BB82-285C34ACC66F}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 06:36 C:\WINDOWS\RTHDCPL.exe] "NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-12-10 03:06 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 17:35] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-09-03 17:16] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43] "RoxioEngineUtility"="C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" [2003-05-01 17:44] "RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-07-16 23:19] "RoxioAudioCentral"="C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-07-15 11:36] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06] "Adobe Photo Downloader"="C:\Program Files\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 00:18] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-12 14:54] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42] "hid_start"="C:\WINDOWS\System32\Rundll32.exe" [2004-08-05 13:00] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-03-26 20:54:21] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56] R1 DVDVRRdr_xp;DVDVRRdr_xp;C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys R3 PAC207;SoC PC-Camera Beta3;C:\WINDOWS\system32\DRIVERS\pfc027.sys R3 SunkFilt62;Alcor Micro Corp - 6362;\??\C:\WINDOWS\System32\Drivers\sunkfilt62.sys S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe S3 netrcacm;RCA USB Digital Cable Modem Driver;C:\WINDOWS\system32\DRIVERS\netrcacm.sys S3 SunkFilt6;Alcor Micro Corp - 6360;\??\C:\WINDOWS\System32\Drivers\sunkfilt6.sys S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-11-16 16:22:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-25 00:46:59 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-25 0:47:24 C:\ComboFix2.txt ... 2007-11-22 20:32 . --- E O F --- Qu'en penses-tu ? Suis-je guérie ? pour l'instant les virus ne se manifestent pas...sont-ils éradiqués ???

merci. alors le rapport SDFix SDFix: Version 1.115 Run by Pierre on 24/11/2007 at 23:43 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\Pierre\Bureau\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Trojan Files Found: C:\X.DAT - Deleted C:\Z.DAT - Deleted C:\Documents and Settings\Pierre\x.dat - Deleted C:\Documents and Settings\Pierre\z.dat - Deleted C:\Documents and Settings\Pierre\f.exe - Deleted C:\n.bat - Deleted C:\winlogon.exe - Deleted x.dat and z.dat data copied to \SDFix\Data.txt Folder C:\WINDOWS\Fonts\' - Removed Removing Temp Files... ADS Check: C:\WINDOWS No streams found. et le Hitjackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:00:06, on 25/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1EDB33D7-144C-449B-9E9B-E1F1FE1F1AF4} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {6447127D-35D2-4B3A-B728-26D27D243A33} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ykszykbj.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll O2 - BHO: (no name) - {E898F6E2-A987-401F-BB82-285C34ACC66F} - (no file) O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar1.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ykszykbj.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://www.stylist4all.com/IE20020716/save/makeover.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://rozo78.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/NET/Import/ImageUploader4.cab O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.fr/downloads/BUM/B..._1/axofupld.cab O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/p...r/mmsPlayer.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O20 - Winlogon Notify: ykszykbj - C:\WINDOWS\SYSTEM32\ykszykbj.dll O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 9627 bytes je passe à l'étape vundoFix....à toute à l'heure !!! )

UP

voici : MSNFix 1.588 C:\Documents and Settings\Pierre\Bureau\MSNFix Fix exécuté le 22/11/2007 - 19:59:39,42 By Pierre mode normal ************************ Recherche les fichiers présents ... C:\WINDOWS\b???.exe ... C:\WINDOWS\cookies.ini ... C:\WINDOWS\mrofinu*.exe ... C:\WINDOWS\mrofinu*.exe.tmp ************************ MSNCHK ***** /!\ beta test /!\ ************************ Recherche les dossiers présents ... C:\PROGRA~1\\ISM2\ ... C:\Temp\ ************************ Suppression des fichiers .. OK ... C:\WINDOWS\b???.exe .. OK ... C:\WINDOWS\cookies.ini .. OK ... C:\WINDOWS\mrofinu*.exe .. OK ... C:\WINDOWS\mrofinu*.exe.tmp ************************ Suppression des dossiers .. OK ... C:\PROGRA~1\\ISM2\ .. OK ... C:\Temp\ ************************ Nettoyage du registre ************************ Fichiers suspects /!\ ces fichiers nécessitent un avis expérimenté avant toute intervention [C:\winlogon.exe] A3879EADB0B106DC79941FF124DCA9E2 [C:\Documents and Settings\Pierre\f.exe] 52B1C318B141C2D684CDF7C2D303FD5D ==> SVP merci d'envoyer le fichier C:\DOCUME~1\Pierre\Bureau\Upload_Me.zip sur http://upload.changelog.fr Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22112007_20091100.zip ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- et puis : ComboFix 07-11-19.3 - Pierre 2007-11-22 20:16:42.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.535 [GMT 1:00] Running from: C:\Documents and Settings\Pierre\Local Settings\Temporary Internet Files\Content.IE5\IHY3MNCD\ComboFix[1].exe * Created a new restore point . Incapable d'obtenir les privilèges Système (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Administrateur\Bureau\Live Safety Center.lnk C:\Documents and Settings\Administrateur\Bureau\Online Security Guide.lnk C:\Documents and Settings\Administrateur\Favoris\Online Security Guide.lnk C:\Documents and Settings\All Users\Bureau\webmediaplayer.lnk C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\Conditions générales.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\Confidentialité.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\WebMediaPlayer.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\WebMediaPlayer\Website.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk C:\Documents and Settings\Pierre\Application Data\install_fr[1].exe C:\Documents and Settings\Pierre\Bureau\Live Safety Center.lnk C:\Documents and Settings\Pierre\Bureau\Online Security Guide.lnk C:\Documents and Settings\Pierre\Favoris\Online Security Guide.lnk C:\Program Files\webmediaplayer C:\Program Files\webmediaplayer\Conditions générales.url C:\Program Files\webmediaplayer\Confidentialité.url C:\Program Files\webmediaplayer\resources\languages_v2.xml C:\Program Files\webmediaplayer\resources\webmedias C:\Program Files\webmediaplayer\skins\classic.skn C:\Program Files\webmediaplayer\sqlite3.dll C:\Program Files\webmediaplayer\uninst.exe C:\Program Files\webmediaplayer\Website.url C:\WINDOWS\pack.epk C:\WINDOWS\system32\__c00385E6.dat C:\WINDOWS\system32\__c00560A9.dat C:\WINDOWS\system32\__c0066471.dat C:\WINDOWS\system32\__c006BF9E.dat C:\WINDOWS\system32\__c006E4BC.dat C:\WINDOWS\system32\__c0070814.dat C:\WINDOWS\system32\__c0092BD6.dat C:\WINDOWS\system32\__c0098640.dat C:\WINDOWS\system32\__c009CB24.dat C:\WINDOWS\system32\__c009FB62.dat C:\WINDOWS\system32\ddayw.dll C:\WINDOWS\system32\egzncxfts_navtmp.dat C:\WINDOWS\system32\huqbwtsr.dll C:\WINDOWS\system32\idatwatw.dll C:\WINDOWS\system32\kejpwuyi.dll C:\WINDOWS\system32\kvkqhtke.dll C:\WINDOWS\system32\lsjgffmg.dll C:\WINDOWS\system32\lxcnsmxm.dll C:\WINDOWS\system32\mdmuacng.dll C:\WINDOWS\system32\mrkppvau.dll C:\WINDOWS\system32\nsdED.dll C:\WINDOWS\system32\pac.txt C:\WINDOWS\system32\prrthywr.dll C:\WINDOWS\system32\rifrfocr.dll C:\WINDOWS\system32\spniqcki.dat C:\WINDOWS\system32\spniqcki.exe C:\WINDOWS\system32\spniqcki_nav.dat C:\WINDOWS\system32\spniqcki_navps.dat C:\WINDOWS\system32\spniqcki_navup.dat C:\WINDOWS\system32\wkvqqzvq.dllbox C:\WINDOWS\system32\wqovxlcn.dll C:\WINDOWS\system32\wyadd.bak1 C:\WINDOWS\system32\wyadd.bak2 C:\WINDOWS\system32\wyadd.ini C:\WINDOWS\system32\xqosgjco.dll C:\WINDOWS\system32\ykszykbj.dllbox . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE -------\LEGACY_WINDOWS_LOG -------\DomainService ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-22 to 2007-11-22 )))))))))))))))))))))))))))))))))))) . 2007-11-22 20:15 145,984 --a------ C:\WINDOWS\system32\ykszykbj.dll 2007-11-22 20:14 145,984 --a------ C:\WINDOWS\system32\gymycrtp.dll 2007-11-21 22:55 773,301 ---hs---- C:\WINDOWS\system32\cokhutja.ini 2007-11-21 22:49 80,960 --a------ C:\WINDOWS\system32\jairtkxh.dll 2007-11-21 22:44 71,232 --a------ C:\WINDOWS\system32\iibdngvc.exe 2007-11-20 22:09 <REP> d-------- C:\Program Files\VideoLAN 2007-11-20 19:45 826,963 ---hs---- C:\WINDOWS\system32\hobbtpyp.ini 2007-11-20 12:52 74,752 --a------ C:\WINDOWS\system32\gzmrotate.dll 2007-11-19 19:39 828,141 ---hs---- C:\WINDOWS\system32\lifdwahl.ini 2007-11-19 19:37 83,008 --a------ C:\WINDOWS\system32\kfatroup.dll 2007-11-18 10:13 4,180 --a------ C:\WINDOWS\system32\tmp.reg 2007-11-18 10:13 0 --a------ C:\WINDOWS\system32\tmp.txt 2007-11-18 10:12 <REP> d-------- C:\Documents and Settings\administratif\SmitfraudFix 2007-11-18 09:33 679,065 ---hs---- C:\WINDOWS\system32\xygvhbhl.ini 2007-11-18 09:27 71,232 --a------ C:\WINDOWS\system32\gavhtkaw.exe 2007-11-17 23:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-11-17 23:09 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-11-17 23:06 <REP> d-------- C:\WINDOWS\Internet Logs 2007-11-17 22:59 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2007-11-17 22:47 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents 2007-11-17 22:47 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris 2007-11-17 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau 2007-11-17 22:00 82,496 --a------ C:\WINDOWS\system32\qktfioqy.dll 2007-11-17 21:57 678,621 ---hs---- C:\WINDOWS\system32\pnovhclv.ini 2007-11-17 21:51 71,232 --a------ C:\WINDOWS\system32\muprcnnq.exe 2007-11-17 08:23 36,352 --a------ C:\WINDOWS\system32\hgghecd.dll 2007-11-16 21:33 143 --a------ C:\WINDOWS\system32\mcrh.tmp 2007-11-16 15:59 40,960 --a------ C:\Documents and Settings\Pierre\f.exe 2007-11-16 15:58 36,352 --a------ C:\WINDOWS\system32\fccywus.dll 2007-11-15 20:34 36,352 --a------ C:\WINDOWS\system32\rqrqqqo.dll 2007-11-15 07:48 39,918 --a------ C:\Documents and Settings\Pierre\z.dat 2007-11-15 07:48 37,465 --a------ C:\Documents and Settings\Pierre\x.dat 2007-11-15 07:48 0 --a------ C:\z.dat 2007-11-15 07:48 0 --a------ C:\x.dat 2007-11-11 21:54 <REP> d-------- C:\Documents and Settings\Photos\anniversaire mamie dd 2007 2007-11-11 16:53 120 --a------ C:\n.bat 2007-11-11 16:49 172,032 --a------ C:\winlogon.exe 2007-11-11 13:07 <REP> d-------- C:\Documents and Settings\Pierre\Application Data\Zylom 2007-11-11 13:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom 2007-11-10 22:03 78,052 -ra------ C:\WINDOWS\system32\KOSHZ___.TTF 2007-11-10 22:03 71,324 -ra------ C:\WINDOWS\system32\KOSHB___.TTF 2007-11-10 22:03 69,592 -ra------ C:\WINDOWS\system32\KOSHI___.TTF 2007-11-10 22:03 64,764 -ra------ C:\WINDOWS\system32\KELTWI__.TTF 2007-11-10 22:03 62,668 -ra------ C:\WINDOWS\system32\KOSHR___.TTF 2007-11-10 22:03 61,540 -ra------ C:\WINDOWS\system32\KELTWBI_.TTF 2007-11-10 22:03 58,356 -ra------ C:\WINDOWS\system32\KELTWN__.TTF 2007-11-10 22:03 57,068 -ra------ C:\WINDOWS\system32\KELTWB__.TTF 2007-11-10 22:02 65,941 -ra------ C:\WINDOWS\system32\MLSEE.TTF 2007-11-10 22:02 65,155 -ra------ C:\WINDOWS\system32\MLSEG.TTF 2007-11-10 22:02 64,585 -ra------ C:\WINDOWS\system32\MLSEF.TTF 2007-11-10 22:02 63,892 -ra------ C:\WINDOWS\system32\MLSEH.TTF 2007-11-10 22:01 63,276 -ra------ C:\WINDOWS\system32\FLATBEBI.TTF 2007-11-10 22:01 61,636 -ra------ C:\WINDOWS\system32\FLATBEI_.TTF 2007-11-10 22:01 60,756 -ra------ C:\WINDOWS\system32\FLATBEB_.TTF 2007-11-10 22:01 57,972 -ra------ C:\WINDOWS\system32\FLATBEN_.TTF 2007-11-10 22:01 48,432 -ra------ C:\WINDOWS\system32\MLSJB.TTF 2007-11-10 21:54 100,828 -ra------ C:\WINDOWS\system32\WAYOT___.TTF 2007-11-10 21:54 55,424 -ra------ C:\WINDOWS\system32\WESTATE_.TTF 2007-11-10 21:54 35,156 -ra------ C:\WINDOWS\system32\WOLFGC.TTF 2007-11-10 21:51 77,304 -ra------ C:\WINDOWS\system32\SNOWCAPS.TTF 2007-11-10 21:51 62,256 -ra------ C:\WINDOWS\system32\SCROI___.TTF 2007-11-10 21:51 59,680 -ra------ C:\WINDOWS\system32\SCROBI__.TTF 2007-11-10 21:51 56,620 -ra------ C:\WINDOWS\system32\SCRON___.TTF 2007-11-10 21:51 54,936 -ra------ C:\WINDOWS\system32\SCROB___.TTF 2007-11-10 21:51 41,248 -ra------ C:\WINDOWS\system32\SHADER__.TTF 2007-11-10 21:51 25,200 -ra------ C:\WINDOWS\system32\SLASHR__.TTF 2007-11-10 21:50 108,212 -ra------ C:\WINDOWS\system32\RASP____.TTF 2007-11-10 21:50 80,760 -ra------ C:\WINDOWS\system32\RASPI___.TTF 2007-11-10 21:50 65,692 -ra------ C:\WINDOWS\system32\MLSGY.TTF 2007-11-10 21:50 61,076 -ra------ C:\WINDOWS\system32\RACEI___.TTF 2007-11-10 21:50 59,092 -ra------ C:\WINDOWS\system32\RACEBI__.TTF 2007-11-10 21:50 54,620 -ra------ C:\WINDOWS\system32\RACEN___.TTF 2007-11-10 21:50 53,740 -ra------ C:\WINDOWS\system32\RACEB___.TTF 2007-11-10 21:50 41,528 -ra------ C:\WINDOWS\system32\PRAWNHN.TTF 2007-11-10 21:45 87,548 -ra------ C:\WINDOWS\system32\PALAN___.TTF 2007-11-10 21:45 86,644 -ra------ C:\WINDOWS\system32\PALAI___.TTF 2007-11-10 21:43 248,760 -ra------ C:\WINDOWS\system32\LINENSTR.TTF 2007-11-10 21:43 74,772 -ra------ C:\WINDOWS\system32\LIBEN___.TTF 2007-11-10 21:43 71,072 -ra------ C:\WINDOWS\system32\LIBEB___.TTF 2007-11-10 21:42 160,180 -ra------ C:\WINDOWS\system32\HOTTAML.TTF 2007-11-10 21:42 67,052 -ra------ C:\WINDOWS\system32\KEYSTR__.TTF 2007-11-10 21:42 56,276 -ra------ C:\WINDOWS\system32\HANDSLR.TTF 2007-11-10 21:40 60,208 -ra------ C:\WINDOWS\system32\FLETEBI_.TTF 2007-11-10 21:39 60,084 -ra------ C:\WINDOWS\system32\FLETBI__.TTF 2007-11-10 21:39 55,764 -ra------ C:\WINDOWS\system32\FLETB___.TTF 2007-11-10 21:39 42,548 -ra------ C:\WINDOWS\system32\ELMORE.TTF 2007-11-10 21:39 29,236 -ra------ C:\WINDOWS\system32\FAIRY.TTF 2007-11-10 21:38 64,360 -ra------ C:\WINDOWS\system32\MLSIG.TTF 2007-11-10 21:37 100,612 -ra------ C:\WINDOWS\system32\COWBOZ__.TTF 2007-11-10 21:37 94,096 -ra------ C:\WINDOWS\system32\COWBOI__.TTF 2007-11-10 21:37 89,432 -ra------ C:\WINDOWS\system32\COWBOB__.TTF 2007-11-10 21:37 83,036 -ra------ C:\WINDOWS\system32\COWBOR__.TTF 2007-11-10 21:36 57,304 -ra------ C:\WINDOWS\system32\MLSIY.TTF 2007-11-10 21:35 86,856 -ra------ C:\WINDOWS\system32\BARTI___.TTF 2007-11-10 21:35 84,576 -ra------ C:\WINDOWS\system32\BARTN___.TTF 2007-11-10 21:35 82,996 -ra------ C:\WINDOWS\system32\BARTBI__.TTF . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-18 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-11-18 10:56 --------- d-----w C:\Program Files\Trend Micro 2007-11-17 20:48 --------- d-----w C:\Documents and Settings\Pierre\Application Data\Roxio 2007-11-17 07:47 --------- d-----w C:\Program Files\Boonty 2007-11-16 15:57 --------- d-----w C:\Documents and Settings\Pierre\Application Data\PlayFirst 2007-11-10 20:00 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-13 11:43 --------- d-----w C:\Program Files\iTunes 2007-10-13 11:43 --------- d-----w C:\Program Files\iPod 2007-10-13 11:41 --------- d-----w C:\Program Files\QuickTime 2007-10-13 11:38 --------- d-----w C:\Program Files\Fichiers communs\Apple 2007-10-13 11:36 --------- d-----w C:\Program Files\Apple Software Update 2007-10-13 11:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2007-10-12 13:55 --------- d-----w C:\Program Files\Fichiers communs\xing shared 2007-09-30 20:19 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-09-30 18:35 25,839,688 ----a-w C:\Documents and Settings\COMPTABILITE\wmp11-windowsxp-x86-FR-FR.exe 2007-09-26 18:48 --------- d-----w C:\Program Files\PKR 2007-09-14 12:24 364 ----a-w C:\drmHeader.bin . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D093DA7-A70D-478D-8388-6A320F4682F8}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1EDB33D7-144C-449B-9E9B-E1F1FE1F1AF4}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6447127D-35D2-4B3A-B728-26D27D243A33}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}] 2007-11-22 20:15 145984 --a------ C:\WINDOWS\system32\ykszykbj.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}] 2007-11-20 12:52 74752 --a------ C:\WINDOWS\system32\gzmrotate.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E898F6E2-A987-401F-BB82-285C34ACC66F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\ykszykbj.dll [2007-11-22 20:15 145984] [HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 06:36 C:\WINDOWS\RTHDCPL.exe] "NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-12-10 03:06 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 17:35] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-09-03 17:16] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43] "RoxioEngineUtility"="C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" [2003-05-01 17:44] "RoxioDragToDisc"="C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-07-16 23:19] "RoxioAudioCentral"="C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-07-15 11:36] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06] "Adobe Photo Downloader"="C:\Program Files\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 00:18] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-12 14:54] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42] "hid_start"="C:\WINDOWS\System32\Rundll32.exe" [2004-08-05 13:00] "combofix"="C:\WINDOWS\system32\cmd.exe" [2004-08-05 13:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "combofix"="C:\WINDOWS\system32\cmd.exe" [2004-08-05 13:00] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ykszykbj] ykszykbj.dll 2007-11-22 20:15 145984 C:\WINDOWS\system32\ykszykbj.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\ddayw.dll R1 DVDVRRdr_xp;DVDVRRdr_xp;C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys R3 PAC207;SoC PC-Camera Beta3;C:\WINDOWS\system32\DRIVERS\pfc027.sys R3 SunkFilt62;Alcor Micro Corp - 6362;\??\C:\WINDOWS\System32\Drivers\sunkfilt62.sys S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe S3 netrcacm;RCA USB Digital Cable Modem Driver;C:\WINDOWS\system32\DRIVERS\netrcacm.sys S3 SunkFilt6;Alcor Micro Corp - 6360;\??\C:\WINDOWS\System32\Drivers\sunkfilt6.sys S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-11-16 16:22:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-22 20:28:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... C:\WINDOWS\system32\ykszykbj.dllbox 20810 bytes scan completed successfully hidden files: 1 ************************************************************************** . Completion time: 2007-11-22 20:32:48 - machine was rebooted . --- E O F ---

aidez moi svp, c'est de pire en pire

personne pour m'aider ?

et voici mon rapport Hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:56:22, on 18/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\muprcnnq.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\mrofinu1188.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\Rundll32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar1.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\yzuyavhh.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257 O4 - HKLM\..\Run: [cc1b0c41] rundll32.exe "C:\WINDOWS\system32\lhbhvgyx.dll",b O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://www.stylist4all.com/IE20020716/save/makeover.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://rozo78.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/NET/Import/ImageUploader4.cab O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.fr/downloads/BUM/B..._1/axofupld.cab O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://62.201.137.56/mmawap/jsp/composer/p...r/mmsPlayer.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0092BD6.dat O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: DomainService - - C:\WINDOWS\system32\muprcnnq.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 9083 bytes