GLH

Bonjour, Suite à la résolution d'un problème de Spyware avec l'aide de Bruce Lee sur votre forum, je viens de découvrir que je ne peux plus visionner la majorité de mes WEBTV avec Media Player (version 11). Exemple: FRANCE24 (mms://live.france24.com/france24_fr.wsx) J'ai le message d'erreur suivant : Le Lecteur Windows Media ne peut pas lire le fichier parce que le protocole spécifié n'est pas pris en charge. Une des seules WEBTV dans ma liste que je suis encore capable de visionner avec Windows Media Player est : http://195.10.10.104:80/canal7tv/live.asf Avec ADSL TV tout fonctionne bien. J'utilise ZONEALARM comme pare-feu dans lequel j'ai fait un peu (peut-être trop) de ménage. Quoique même en le désactivant j'ai le même problème. Pouvez-vous m'aider ? Merci. GLH Résolu car j'ai réinstallé Windows Media Player et ça fonctionne. Merci quqnd même.

Bonjour Bruce Lee Question marquée en résolu. Merci pour votre grande expertise. Au plaisir, GLH

Bonjour Bruce Lee, Effectivement, je n'ai plus de problème de Spyware. Toutefois, j'ai découvert que je ne pouvais plus visionner la majorité de mes WEBTV avec Media Player (version 11). Exemple: FRANCE24 (mms://live.france24.com/france24_fr.wsx) J'ai le message d'erreur suivant : Le Lecteur Windows Media ne peut pas lire le fichier parce que le protocole spécifié n'est pas pris en charge. Une des seules WEBTV dans ma liste que je suis encore capable de visionner avec Windows Media Player est : http://195.10.10.104:80/canal7tv/live.asf Avec ADSL TV tout fonctionne bien. J'utilise ZONEALARM comme pare-feu dans lequel j'ai fait un peu (peut-être trop) de ménage. Pouvez-vous m'aider ou dois-je transmettre ma question dans une autre section du forum? Merci. GLH GLH

Bonjour, Tout est OK. Merci grandement pour tout. GLH

Bonjour Bruce Lee, Après avoir désactivé et réactivé la restauration du système, voici le nouveau rapport avec Kaspersky. Merci encore, GLH ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, December 01, 2007 10:37:51 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 1/12/2007 Kaspersky Anti-Virus database records: 469768 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ Scan Statistics: Total number of scanned objects: 61235 Number of viruses found: 1 Number of infected objects: 1 Number of suspicious objects: 0 Duration of the scan process: 00:50:42 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS03756668-D360-4B67-9E8C-82BB48C80E45.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0614384B-4A92-481A-8404-244C810D388A.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0BA0E4BB-44CB-4DED-9C6D-692E4F979229.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS162EA091-1EBF-4F2D-AAC1-2C639EC21F6C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS175917BA-9293-4A1D-B0AF-48D05C55C5E9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS1C7FA165-22AA-405E-A90A-2CF7FCBE65F7.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2061A003-0BA4-45F6-B8DB-F19CAA54525D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS210BDC7B-234E-49DC-978D-4F413137EF80.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS225CA980-B350-42E9-A144-8F6DDD861166.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS235F488C-E66C-43D0-A769-21FB77FE95BE.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS32B9EC42-1987-4802-8324-FA53693EB093.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS32E890FD-8B1C-46D1-9F9E-0B2CF886CBBE.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3815AE46-B04B-445C-8A12-07CE175E7C95.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS382415F3-9506-47EC-A390-63758AFF0A7B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS399BEE66-1517-433D-B105-ADF0330F6F2C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3BAFCCB8-A119-43C3-90F5-E613836F1460.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3D65B2EB-F120-48F3-9146-2FD15AF33E5F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4424C565-969B-461E-BEB4-D1067A46C800.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS49E713DE-AE9B-4126-AA06-5465093196AD.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4A1D1418-72DC-4CAD-B8FC-C28B2312F2F1.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4A51AE42-3D60-47BF-A34F-CDC765881D05.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4B53E3BC-DC03-402C-ACFA-39722450EFE4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4E25AD99-0A1D-4B54-880C-8F37383D9F4E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4E72C8F8-83BC-41FC-83CC-BB5D9C212768.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4F9E7405-48C4-420B-97C2-AEEAF2654361.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS51E71FDA-8AF1-4C7C-9A65-60061A321A60.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS54D4A8BD-FB3C-486E-A35B-34132A37628C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5A041781-169F-4A0D-9474-9378F9D87DA6.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5B716A8E-51FD-4523-A1BE-74ED698FFFA0.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5BA48E59-61BE-49DD-852D-C20054FBEFEA.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5BDB5542-7A62-44B7-BBE1-6FB3306651F2.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5F03B57F-9EBA-471E-BE52-03DB924BB22D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS60374A71-70C7-4004-B1BF-8388364B83BB.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS67BAEA1C-48DA-40CE-AD16-7F21F6D7ACD2.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS67D47C49-F2D7-43F4-8CB5-EA6832677CF0.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS6ADAF457-D465-4B9F-AC9C-A59194E1A732.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7044DEEC-DD7F-4AFE-813E-BE4D14085CD4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS75F5AB30-C53A-4C52-94F4-D3D9D476BFE9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS78A565F1-A24A-45BC-8CFB-2E4EEC13B78A.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS794FFB04-798A-42DF-9D96-76D1B300F8EB.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7B25672A-F5D5-4F3D-A327-BB64C6AD8931.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7CC080ED-9E4F-49C1-A371-9E13CBEEFD03.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7E4425DA-F38C-4F46-83F4-1408CBD2364D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS825B439A-8CEB-42A4-991A-F62E7328C667.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS829C409F-E519-4383-8665-C84EFD4F9441.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS884E3BBF-F911-4474-8624-BB6620DC5AA9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS89C875D7-AA97-4A03-8693-E214E24F83BB.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS89DCCFB1-9C6E-4B65-A8A7-23BFDF2B7993.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS8C983074-FB8C-4DF5-A886-0E91D125FAF4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS8FCB43C4-4BED-4415-846B-D8879F988A98.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS8FFFDFCA-E104-4B03-A826-FBA6882CFFA9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS910C42DF-9CD9-4CBE-B5BC-BAF14663E480.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS91BA6792-E6C6-4EE0-9D8A-D6375F1B4F1B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9B38D1E7-50FC-4DBB-9292-4584406F2E89.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9CF27C11-D468-4560-AB16-249E66131C08.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA1135191-0532-4300-9F12-F0A8B2A93B06.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA294E8DB-E145-48A3-8614-1FA53C1F5422.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA4A2A02D-E814-49B4-97F1-49B4AC2C9131.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSAD4E3355-90EB-4C0B-BBB4-303E17F3D187.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSAE07C0C3-A3DC-45D6-95A1-FE3901032E28.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSAF559A32-BD84-4788-B08D-B11DC46EF1F3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB8D9ACDE-3D8A-47A2-95A2-079DD7ED77D0.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSBE1AAA45-AC13-4BF9-A77E-8E9A00A70A87.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC0E39DE3-138C-453D-B220-610934F39B63.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC30D2486-EC7D-491B-B244-B49C9398069E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC8C74C7B-EFB2-4A84-8239-F8A44B011055.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSCDF91E6C-18E9-4B41-830E-16D526BD4EB0.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD01AB645-5A5E-470F-B0B2-6C79C49D40F0.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD4EF4544-7FF0-4A9B-BA96-39BDFAEB7EDC.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD68BA0EB-A73F-4B4D-922F-4F96306E3BA1.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD7319950-F09E-4569-84EC-0AD6390D3DE3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDA706142-6FEC-4C1F-BCE1-DA3794561EBE.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDB4AD9F0-C3C9-47D9-B366-F6F6AAE4F6EF.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDB9EB0FF-1C0F-454C-8FD7-D272261312D4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDE48A6EE-FCF4-484D-98EF-A4D6F979043C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE2FD7415-676E-4B77-B093-3DD1DE7139E3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE333AE0B-C0F6-4077-A585-8D1C0F817464.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE5EDEAFF-82D1-4BF2-8611-FD43DDCAFE4A.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE60BAB1A-853C-419D-9D76-54A04F118DE8.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE85F25CF-DE5E-4B05-8774-0D5F7B02CB24.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEA7B71B5-7BD8-4965-9124-E3ABF7469FBD.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEF0F34D4-F752-4AEF-B50E-00327F7115D1.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF09BC50E-FB73-494A-87E4-8818575ECA23.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF127B83C-A0B7-4F5C-8BDF-82635300788C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF379313F-4F7A-4871-B268-BE68E43CBB88.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF8438554-49D7-42DF-BF4C-9C371E007010.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSFBA49D12-EB81-4069-B7BB-D8378837EEE3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSFDF3CC49-7F6B-4ACF-9C94-CEB7A0FC4EEC.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSFFCE24B5-FD6D-4CE1-8B8A-7CE3F3BD29EA.tmp Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\profil1\Application Data\AVG7\Log\emc.log Object is locked skipped C:\Documents and Settings\profil1\Application Data\Webroot\Spy Sweeper\Logs71201081744.ses Object is locked skipped C:\Documents and Settings\profil1\Cookies\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Historique\History.IE5\MSHist012007120120071202\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT.LOG Object is locked skipped C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped C:\RECYCLER\S-1-5-21-2550433394-552794737-1191653178-500\Dc1.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP405\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped C:\WINDOWS\Internet Logs\GÉRALD.ldb Object is locked skipped C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped C:\WINDOWS\Prefetch\layout.ini Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\ZLT063c7.TMP Object is locked skipped C:\WINDOWS\Temp\ZLT063cb.TMP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

Rebonjour, Voici le nouveau rapport. Je suis déçu car j'ai trouvé le moyen d'attraper 2 autres virus... Merci grandement, GLH ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Friday, November 30, 2007 4:17:53 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 30/11/2007 Kaspersky Anti-Virus database records: 469593 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ Scan Statistics: Total number of scanned objects: 61177 Number of viruses found: 2 Number of infected objects: 2 Number of suspicious objects: 0 Duration of the scan process: 00:49:56 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0272BDD7-D85A-46DF-8A98-9E8731DE97E9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS077CD181-2768-457F-A4F4-E582514D2989.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS08A77DED-A871-4D53-9512-CD967886562F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS098333B1-101D-49C9-BF28-22FDE2C47429.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS09B9119A-728E-49F4-99F6-78D2B26B751C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0AB407E7-A7CD-4331-B193-6F6E8363B30F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0FC960ED-9EC8-4646-A7ED-058A246CF750.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS111BCA41-11A3-45CC-9B8F-440C67360979.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS16B06F6B-1D78-4B91-B50A-25085FD981B6.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS1A82DBDB-3FDF-4902-B461-982863B87035.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS1E9EBC02-AE6D-4712-A239-DF7695D85DA3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS222279B0-A9BF-46F6-AFB9-609D92C920ED.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS23FF153E-F107-4083-BF65-D21BF6C6F7AF.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS26931AE9-B168-41FA-8837-BB118B21A04E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS270DE171-E751-4258-92C8-FCC896234696.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS293678C7-4085-4256-A379-8DFA8707F41B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2A93EE83-53B8-4A86-85B2-2733CFC9BE6F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2AC42BA2-0264-4443-8CDC-D90F168392C7.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2B681DA3-14DE-4BE8-B9AD-2465EA3E1035.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2CB9D6F6-440F-4540-90FE-C7AC337EC6F5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS32B7CAC9-8CA7-42A2-9279-CBB8049C53D3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS358E6B3A-F244-4E5C-93B1-6F1E58A15CA9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS35F2AD53-664B-4920-BAB8-A976965327DE.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3639C0B6-1C3A-47CD-BA5F-A1696C2E4C1B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS36EE0E47-AAA2-43F1-8B46-EDD13D27E995.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS38032B8D-6659-4B9F-9EA0-DE0685E19B09.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3C359879-BE95-4E25-933A-52BF0E8F551F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3DC7C1BD-E1F3-47A3-854B-CEE499990202.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3E543D3B-93A3-4572-B520-1E09CB4F8B4E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4411C04F-CCD9-4B51-8A5F-80CF7FCD76EA.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS46AA6D99-6DFE-48DE-9F02-D0EBB7E194D4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS46E4B39B-3F26-40B3-9B2E-1CEC86125FFF.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4A87C5EC-840E-4527-ADB7-57641DB8D393.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4AA30C4D-430F-4A4D-A987-C8CB0616D486.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS568E97E1-66BC-4212-8FCF-649A24769BF8.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5EFD403D-3539-4EF3-B788-361D9710CFD5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS600A367E-485F-4FDA-8ECD-F7A810B800B7.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS66B48F4F-3401-4F17-A577-F647D8D35E97.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS690CE2F9-973A-4618-985E-87B800C6E8EC.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS69E0F246-3A7D-44A3-A891-5448A7E45CC3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS70F49C57-E6BC-4AD3-BAC7-DE478FAC5E79.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7267D3B3-1720-484F-8C8D-785A1DDE4F8D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7CD92B0F-97A4-43DB-A0C9-DD01C47E6130.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7FC831CB-E225-4012-8027-2E5629B9744F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS816BD766-F830-4552-9097-58E4FE19A58C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS84E64C4C-640E-4EBC-9BAB-905D3F8AC608.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS857CC7DC-95B2-46F9-A525-354EF81B760C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS86574BDC-4997-43A7-9B7F-46236B3958C1.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS87AFA65B-EA97-48A2-830C-30F8A5ED4772.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS90624155-C88C-403D-A584-76E543D5452C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS90A2F153-5354-487F-B53F-0E3433396F22.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9117D37A-EDBD-49C2-A57C-622E3CD4FBB8.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS94E39DEC-6D92-4B41-999B-5728910453A9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9C09647C-FEAC-4A0A-B372-A5116BD29802.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA1405319-3A53-4A4D-B498-46347305653E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA14C976A-3E59-4168-BFDB-D981BD6D2C30.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA6DB4858-3CFA-4947-9AD9-3B584DF4188D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA8054C7B-9BE3-4BDC-B027-110D6A5D695B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSAC6F05CC-1EDE-4577-8E9C-70B3C8DFDB4F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB3EFA9C9-74CF-42B2-88EB-F16AB5C8F9D5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB42A3B92-7877-4CCA-8308-6D4E2C6C9E78.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB54BC617-AFF2-4E30-B704-B30A0C336555.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSBEC033A8-6826-4869-B21F-41B78CE65811.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSBF9FEEF0-1746-43FB-B0D2-87D3B10F76DE.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC0EC8B63-7484-4EED-9D9A-33B91864019E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC4C681A1-1059-427F-A63A-65760255E1FC.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC87C75DD-1F14-43D2-AF79-5C77958727D3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC8EF44C7-3261-417E-BF85-4FBAE5231CDA.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC909398A-0748-4540-9428-498802DA1BE7.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD00324D9-3C89-4C54-96E2-48E615E7C70D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD1106D4C-87B7-4557-A555-2D632D33AAB8.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDF4130AC-1B89-40B2-9609-18E5CF27BA02.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDFF2E9A8-709D-43FE-AC1D-0ACEF1D10B6C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE0077279-E92F-4A99-854A-517CCA6831EB.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE25FB5D7-CC6F-4E61-8812-2EE9DB1096F9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE3009710-9267-41D1-897D-F1D951FF9764.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE3A49294-5A7B-4568-B642-6BFE99C1CE04.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE62CFAD6-D4F7-4493-A12A-A99518D4F4F6.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE7E0A3CA-7D09-4073-96D1-37C47283BEC5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEA823304-4CD4-4DAD-BB68-A62060119BB3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEB167EF9-1CD5-43B1-933D-F66A3218CCAD.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEB273568-1ABB-41C6-9EBF-4E28CA564C34.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEBA96B2C-98FB-4215-85B7-E406ABD92A00.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEC033255-0584-4252-B2BF-4A79604D0D39.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF0DC057D-F600-4BB9-AF26-C50B29EDDCD4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF39F5BCF-8627-490A-B326-86BD9033FC96.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF84D9CA9-CED1-4B07-8EC9-1571EB109822.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSFBFF525D-C409-457F-A853-0772B4BBC73D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSFF40ACE4-9BBE-40FC-9BAF-383120EAC87E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\profil1\Application Data\AVG7\Log\emc.log Object is locked skipped C:\Documents and Settings\profil1\Application Data\Webroot\Spy Sweeper\Logs71130093707.ses Object is locked skipped C:\Documents and Settings\profil1\Cookies\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT.LOG Object is locked skipped C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped C:\RECYCLER\S-1-5-21-2550433394-552794737-1191653178-500\Dc1.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP404\A0129801.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP404\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped C:\WINDOWS\Internet Logs\GÉRALD.ldb Object is locked skipped C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped C:\WINDOWS\Prefetch\layout.ini Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\ZLT0525e.TMP Object is locked skipped C:\WINDOWS\Temp\ZLT05261.TMP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

Bonjour, Élements supprimés. Voici le nouveau rapport via kaspersky Merci. GLH ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Friday, November 30, 2007 1:40:15 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 30/11/2007 Kaspersky Anti-Virus database records: 469480 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ L:\ Scan Statistics: Total number of scanned objects: 61080 Number of viruses found: 2 Number of infected objects: 2 Number of suspicious objects: 0 Duration of the scan process: 00:50:35 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0272BDD7-D85A-46DF-8A98-9E8731DE97E9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS077CD181-2768-457F-A4F4-E582514D2989.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS08A77DED-A871-4D53-9512-CD967886562F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS098333B1-101D-49C9-BF28-22FDE2C47429.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS09B9119A-728E-49F4-99F6-78D2B26B751C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0AB407E7-A7CD-4331-B193-6F6E8363B30F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS0FC960ED-9EC8-4646-A7ED-058A246CF750.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS111BCA41-11A3-45CC-9B8F-440C67360979.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS16B06F6B-1D78-4B91-B50A-25085FD981B6.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS1A82DBDB-3FDF-4902-B461-982863B87035.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS1E9EBC02-AE6D-4712-A239-DF7695D85DA3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS222279B0-A9BF-46F6-AFB9-609D92C920ED.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS23FF153E-F107-4083-BF65-D21BF6C6F7AF.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS26931AE9-B168-41FA-8837-BB118B21A04E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS270DE171-E751-4258-92C8-FCC896234696.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS293678C7-4085-4256-A379-8DFA8707F41B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2A93EE83-53B8-4A86-85B2-2733CFC9BE6F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2AC42BA2-0264-4443-8CDC-D90F168392C7.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2B681DA3-14DE-4BE8-B9AD-2465EA3E1035.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS2CB9D6F6-440F-4540-90FE-C7AC337EC6F5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS32B7CAC9-8CA7-42A2-9279-CBB8049C53D3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS358E6B3A-F244-4E5C-93B1-6F1E58A15CA9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS35F2AD53-664B-4920-BAB8-A976965327DE.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3639C0B6-1C3A-47CD-BA5F-A1696C2E4C1B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS36EE0E47-AAA2-43F1-8B46-EDD13D27E995.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS38032B8D-6659-4B9F-9EA0-DE0685E19B09.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3C359879-BE95-4E25-933A-52BF0E8F551F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3DC7C1BD-E1F3-47A3-854B-CEE499990202.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS3E543D3B-93A3-4572-B520-1E09CB4F8B4E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4411C04F-CCD9-4B51-8A5F-80CF7FCD76EA.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS46AA6D99-6DFE-48DE-9F02-D0EBB7E194D4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS46E4B39B-3F26-40B3-9B2E-1CEC86125FFF.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4A87C5EC-840E-4527-ADB7-57641DB8D393.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS4AA30C4D-430F-4A4D-A987-C8CB0616D486.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS568E97E1-66BC-4212-8FCF-649A24769BF8.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS5EFD403D-3539-4EF3-B788-361D9710CFD5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS600A367E-485F-4FDA-8ECD-F7A810B800B7.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS66B48F4F-3401-4F17-A577-F647D8D35E97.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS690CE2F9-973A-4618-985E-87B800C6E8EC.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS69E0F246-3A7D-44A3-A891-5448A7E45CC3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS70F49C57-E6BC-4AD3-BAC7-DE478FAC5E79.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7267D3B3-1720-484F-8C8D-785A1DDE4F8D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7CD92B0F-97A4-43DB-A0C9-DD01C47E6130.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS7FC831CB-E225-4012-8027-2E5629B9744F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS816BD766-F830-4552-9097-58E4FE19A58C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS84E64C4C-640E-4EBC-9BAB-905D3F8AC608.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS857CC7DC-95B2-46F9-A525-354EF81B760C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS86574BDC-4997-43A7-9B7F-46236B3958C1.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS87AFA65B-EA97-48A2-830C-30F8A5ED4772.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS90624155-C88C-403D-A584-76E543D5452C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS90A2F153-5354-487F-B53F-0E3433396F22.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9117D37A-EDBD-49C2-A57C-622E3CD4FBB8.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS94E39DEC-6D92-4B41-999B-5728910453A9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMS9C09647C-FEAC-4A0A-B372-A5116BD29802.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA1405319-3A53-4A4D-B498-46347305653E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA14C976A-3E59-4168-BFDB-D981BD6D2C30.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA6DB4858-3CFA-4947-9AD9-3B584DF4188D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSA8054C7B-9BE3-4BDC-B027-110D6A5D695B.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSAC6F05CC-1EDE-4577-8E9C-70B3C8DFDB4F.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB3EFA9C9-74CF-42B2-88EB-F16AB5C8F9D5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB42A3B92-7877-4CCA-8308-6D4E2C6C9E78.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSB54BC617-AFF2-4E30-B704-B30A0C336555.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSBEC033A8-6826-4869-B21F-41B78CE65811.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSBF9FEEF0-1746-43FB-B0D2-87D3B10F76DE.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC0EC8B63-7484-4EED-9D9A-33B91864019E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC4C681A1-1059-427F-A63A-65760255E1FC.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC87C75DD-1F14-43D2-AF79-5C77958727D3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC8EF44C7-3261-417E-BF85-4FBAE5231CDA.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSC909398A-0748-4540-9428-498802DA1BE7.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD00324D9-3C89-4C54-96E2-48E615E7C70D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSD1106D4C-87B7-4557-A555-2D632D33AAB8.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDF4130AC-1B89-40B2-9609-18E5CF27BA02.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSDFF2E9A8-709D-43FE-AC1D-0ACEF1D10B6C.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE0077279-E92F-4A99-854A-517CCA6831EB.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE25FB5D7-CC6F-4E61-8812-2EE9DB1096F9.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE3009710-9267-41D1-897D-F1D951FF9764.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE3A49294-5A7B-4568-B642-6BFE99C1CE04.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE62CFAD6-D4F7-4493-A12A-A99518D4F4F6.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSE7E0A3CA-7D09-4073-96D1-37C47283BEC5.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEA823304-4CD4-4DAD-BB68-A62060119BB3.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEB167EF9-1CD5-43B1-933D-F66A3218CCAD.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEB273568-1ABB-41C6-9EBF-4E28CA564C34.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEBA96B2C-98FB-4215-85B7-E406ABD92A00.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSEC033255-0584-4252-B2BF-4A79604D0D39.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF0DC057D-F600-4BB9-AF26-C50B29EDDCD4.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF39F5BCF-8627-490A-B326-86BD9033FC96.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSF84D9CA9-CED1-4B07-8EC9-1571EB109822.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSFBFF525D-C409-457F-A853-0772B4BBC73D.tmp Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSMSFF40ACE4-9BBE-40FC-9BAF-383120EAC87E.tmp Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\profil1\Application Data\AVG7\Log\emc.log Object is locked skipped C:\Documents and Settings\profil1\Application Data\Webroot\Spy Sweeper\Logs71130093707.ses Object is locked skipped C:\Documents and Settings\profil1\Cookies\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Historique\History.IE5\MSHist012007113020071201\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT.LOG Object is locked skipped C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped C:\RECYCLER\S-1-5-21-2550433394-552794737-1191653178-500\Dc1.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP404\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped C:\WINDOWS\Internet Logs\GÉRALD.ldb Object is locked skipped C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped C:\WINDOWS\Prefetch\layout.ini Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\gah95on6.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\ZLT0525e.TMP Object is locked skipped C:\WINDOWS\Temp\ZLT05261.TMP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

Bonjour Bruce Lee, Contrôles activeX configurés Voici le rapport via KASPERSKY Merci. Au prochain message... GLH ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, November 29, 2007 7:53:58 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 30/11/2007 Kaspersky Anti-Virus database records: 468634 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ Scan Statistics: Total number of scanned objects: 75348 Number of viruses found: 8 Number of infected objects: 188 Number of suspicious objects: 0 Duration of the scan process: 00:53:44 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked skipped C:\Documents and Settings\profil1\Application Data\AVG7\Log\emc.log Object is locked skipped C:\Documents and Settings\profil1\Cookies\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT Object is locked skipped C:\Documents and Settings\profil1\NTUSER.DAT.LOG Object is locked skipped C:\Download\Mini-golf\miniputtsetup.exe/mmbun2.exe Infected: not-a-virus:AdWare.Win32.MediaMotor.a skipped C:\Download\Mini-golf\miniputtsetup.exe/loudcash.exe Infected: not-a-virus:AdWare.Win32.WinAD.i skipped C:\Download\Mini-golf\miniputtsetup.exe SetupFactory: infected - 2 skipped C:\Download\Spyware\Combofix\Clean\clean.zip/clean/pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Download\Spyware\Combofix\Clean\clean.zip ZIP: infected - 1 skipped C:\Download\Spyware\Combofix\Clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped C:\Download\Spyware\Combofix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Download\Spyware\Hijack\backups\backup-20071128-172315-374-startup.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\Download\Spyware\Hijack\backups\backup-20071128-172315-559-setings.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\Download\Spyware\Smitfraud\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Download\Spyware\Smitfraud\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Download\Spyware\Smitfraud\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Download\Spyware\Smitfraud\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Download\Spyware\Smitfraud\SmitfraudFix.exe RarSFX: infected - 2 skipped C:\Download\Spyware\Smitfraud\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Download\Spyware\Smitfraud\SmitfraudFix.zip ZIP: infected - 1 skipped C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\system32\bronto.dll.vir Infected: Backdoor.Win32.Small.cmf skipped C:\qoobox\Quarantine\C\WINDOWS\system32\msanton.exe.vir Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\qoobox\Quarantine\C\WINDOWS\system32\sol852.txt.vir Infected: Trojan.Win32.Qhost.zs skipped C:\qoobox\Quarantine\C\WINDOWS\system32\timoty.exe.vir Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\qoobox\Quarantine\C\WINDOWS\system32\winter.exe.vir Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\RECYCLER\S-1-5-21-2550433394-552794737-1191653178-500\Dc1.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP395\A0125282.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP395\A0125283.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP395\A0125284.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP395\A0125285.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125305.dll Infected: Backdoor.Win32.Small.cmf skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125306.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125324.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125325.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125326.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125391.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125392.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125393.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125407.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125408.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125412.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125413.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP396\A0125414.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125429.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125430.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125431.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125509.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125510.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125511.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125527.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125528.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125529.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125535.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125536.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125537.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125560.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125561.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0125562.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0126561.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0126563.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP397\A0126565.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126602.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126603.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126604.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126620.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126621.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126622.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126636.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126637.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126638.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126646.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126647.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126648.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126660.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126661.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126662.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126667.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126668.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126669.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126677.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126678.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126679.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126684.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126685.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126686.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127684.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127685.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127686.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127703.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127704.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127705.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127713.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127714.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127720.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127722.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127723.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127761.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127764.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127765.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127777.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127780.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0127781.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127814.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127815.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127816.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127831.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127832.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127833.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127840.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127841.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127842.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127885.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127886.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127889.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127902.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127903.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127920.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127923.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP400\A0127924.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0127951.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0127952.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0127953.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0127969.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0127972.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0127973.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0127995.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128004.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128004.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128004.exe RarSFX: infected - 2 skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128017.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128019.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128020.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128057.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128058.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128060.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128081.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128082.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128112.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128113.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128164.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128167.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0128168.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129164.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129166.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129167.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129186.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129206.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129207.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129208.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129218.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129221.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129222.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129248.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129249.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129251.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129271.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129274.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129290.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129293.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129294.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129302.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP401\A0129305.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129324.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129325.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129338.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129384.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129399.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129400.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129401.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129418.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129419.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129420.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129454.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129455.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129456.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129485.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129488.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129495.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129496.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129497.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129505.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129506.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129515.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129521.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129522.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129525.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129532.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129533.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129534.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129548.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\A0129549.exe Infected: not-virus:Hoax.Win32.Renos.vj skipped C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP402\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped C:\WINDOWS\Internet Logs\GÉRALD.ldb Object is locked skipped C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped C:\WINDOWS\Prefetch\layout.ini Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\gah95on6.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\ZLT01cd0.TMP Object is locked skipped C:\WINDOWS\Temp\ZLT01cd3.TMP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

Bonjour, Voici les 2 rapports. À noter: J'ai du démarrer en mode sans échec avec le profil ADMIN pour supprimer le fichier msanton.exe car j'avais le message "accès refusé" avec mon profil régulier. Je n'ai pas trouvé le fichier à détruire statup.exe. J'ai même fait une recherche et j'ai trouvé seulement le fichier startup.exe-1a4af53d.pf dans c:\windows\Prefetch. Je ne l'ai pas détruit. Pendant l'exécution de Combofix, j'ai eu 2 fois le message suivant de mon programme Spybot: Catégorie: Winlogon Élement: SHELL Ancienne valeur: explorer.exe Nouvelle valeur: Explorer.exe J'ai refusé la modif. *************** Je n'ai plus de pop-up aux 5 minutes Tout semble normal. Merciiiii **************** Question : Avec tous les tests que j'ai fait avant de faire appel au forum et suivant vos instructions, je me retrouve avec 3 outils anti-spyware (SPYBOT, AVG et Webroot Spy Sweeper). Lequel ou lesquels dois-je garder ? Encore merci. GLH Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:46:51, on 2007-11-28 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\Download\Spyware\Hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.novem.ca/Novem_accueil_fichiers/slide0005.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- End of file - 5757 bytes ComboFix 07-11-19.3 - profil1 2007-11-28 17:49:31.4 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.146 [GMT -5:00] Running from: C:\Download\Spyware\Combofix\ComboFix.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-10-28 to 2007-11-28 )))))))))))))))))))))))))))))))))))) . 2007-11-24 12:58 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot 2007-11-24 11:27 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys 2007-11-24 11:26 1,526,072 --a------ C:\WINDOWS\WRSetup.dll 2007-11-24 11:14 <REP> d-------- C:\Program Files\Webroot 2007-11-24 11:14 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot 2007-11-24 11:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Webroot 2007-11-24 11:14 163,640 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys 2007-11-24 11:14 21,816 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys 2007-11-24 11:12 <REP> d-------- C:\Documents and Settings\profil1\Application Data\Webroot 2007-11-24 00:00 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft 2007-11-23 23:43 <REP> d-------- C:\Documents and Settings\profil1\Application Data\Grisoft 2007-11-23 23:42 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-11-23 22:25 <REP> d-------- C:\Program Files\RegistrySmart 2007-11-23 22:25 <REP> d-------- C:\Documents and Settings\profil1\Application Data\RegistrySmart 2007-11-23 20:47 <REP> d-------- C:\Program Files\Yahoo! 2007-11-23 20:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2007-11-23 20:46 <REP> d-------- C:\Program Files\CCleaner 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Voisinage réseau 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Modèles 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Mes documents 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Menu Démarrer 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Favoris 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Bureau 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Application Data\Symantec 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Application Data\CyberLink 2007-11-22 23:14 <REP> d-------- C:\Documents and Settings\profil1\Application Data\TrojanHunter 2007-11-22 22:40 <REP> d-------- C:\Program Files\TrojanHunter 5.0 2007-11-22 21:06 15,872 --a------ C:\WINDOWS\windisk.dll 2007-10-28 14:15 <REP> d-------- C:\WINDOWS\MaxTV 2007-10-28 14:15 <REP> d-------- C:\Program Files\DMV . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-28 03:55 --------- d-----w C:\Program Files\adslTV 2007-11-24 23:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7 2007-11-24 19:04 --------- d-----w C:\Documents and Settings\profil1\Application Data\wsInspector 2007-11-24 17:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-11-24 04:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2007-11-18 16:48 --------- d-----w C:\Documents and Settings\profil1\Application Data\Skype 2007-11-08 12:45 --------- d-----w C:\Documents and Settings\profil1\Application Data\AdobeUM 2007-10-28 19:41 --------- d-----w C:\Documents and Settings\profil1\Application Data\vlc 2007-10-27 11:35 --------- d-----w C:\Program Files\QuickTime 2007-10-27 11:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-10-27 11:34 --------- d-----w C:\Program Files\Apple Software Update 2007-10-27 11:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2007-10-19 22:03 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-10-16 01:42 --------- d-----w C:\Program Files\Fichiers communs\NSV 2007-10-16 00:54 --------- d-----w C:\Program Files\Fichiers communs\Nullsoft 2007-10-08 22:03 --------- d-----w C:\Program Files\Skype 2007-10-08 22:03 --------- d-----w C:\Program Files\Fichiers communs\Skype 2007-10-08 22:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype 2007-10-08 20:37 --------- d-----w C:\Program Files\PhotoCam 2007-10-08 19:41 --------- d-----w C:\Program Files\AutoWebCam 2007-10-08 19:40 --------- d-----w C:\Program Files\STOIK Imaging 2007-10-08 19:40 --------- d-----w C:\Documents and Settings\profil1\Application Data\STOIK 2007-10-08 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-01 21:24 23,864 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys 2007-09-21 18:47 202,826 ----a-w C:\WINDOWS\system32\atasnt40.dll 2003-04-24 12:00 94,864 --sh--w C:\WINDOWS\twain.dll 2004-08-19 23:09 50,688 --sh--w C:\WINDOWS\twain_32.dll 2004-08-19 23:09 1,028,096 --sh--w C:\WINDOWS\system32\mfc42.dll 2004-08-19 23:09 54,784 --sh--w C:\WINDOWS\system32\msvcirt.dll 2004-08-19 23:09 413,696 --sh--w C:\WINDOWS\system32\msvcp60.dll 2004-08-19 23:09 343,040 --sh--w C:\WINDOWS\system32\msvcrt.dll 2004-08-19 23:09 553,472 --sh--w C:\WINDOWS\system32\oleaut32.dll 2004-08-19 23:09 83,456 --sh--w C:\WINDOWS\system32\olepro32.dll 2004-08-19 23:10 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe . ((((((((((((((((((((((((((((( snapshot@2007-11-23_ 0.16.22.10 ))))))))))))))))))))))))))))))))))))))))) . + 2007-10-01 21:24:34 16,184 ----a-w C:\WINDOWS\system32\ssiefr.EXE + 2007-10-01 21:24:36 219,448 ----a-w C:\WINDOWS\system32\WRLogonNtf.dll + 2007-10-01 21:24:36 26,424 ----a-w C:\WINDOWS\system32\wrlzma.dll + 2007-01-26 03:14:30 271,936 ----a-w C:\WINDOWS\WRUninstall.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2004-05-12 01:03] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2004-07-01 13:58 C:\WINDOWS\SOUNDMAN.EXE] "AlcWzrd"="ALCWZRD.EXE" [2004-07-05 20:05 C:\WINDOWS\ALCWZRD.EXE] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-05-20 11:47] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 17:28] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38] "AVG7_EMC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" [2007-05-20 11:47] "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-08-23 23:38] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-27 06:24] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25] "SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-10-01 16:40] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 18:09] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-05-20 11:47] R0 SSFS0BB9;Spy Sweeper File System Filer Driver: 0BB9;C:\WINDOWS\system32\Drivers\SSFS0BB9.SYS R3 DCamUSBKodak;Kodak DVC323 Digital Video Camera;C:\WINDOWS\system32\DRIVERS\dvc323.sys R3 WebSTARNdis;WebSTAR DPX USB Cable Modem Adapter;C:\WINDOWS\system32\DRIVERS\WebSTAR.sys . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-11-24 16:55:29 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job" - C:\Program Files\RegistrySmart\RegistrySmart.exe - C:\Program Files\RegistrySmart . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-28 17:53:10 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-28 17:54:14 C:\ComboFix2.txt ... 2007-11-27 18:25 C:\ComboFix3.txt ... 2007-11-25 12:10 . --- E O F ---

Bonjour, Ci-dessous les 2 rapports. Je n'ai pas pu exécuter l'opération avec FIXME.REG en mode sans échec car j'ai eu le message suvant: La modification du regsitre a été désactivé par votre administrateur Aussi, je n'ai pas pu changer l'affichage en mode sans échec. Après toutes les autres opérations, j'ai toujours le pop-up Potential Spyware Operation et je n'ai pas accès au gestionnaire de tâche. Merci des encouragements.... GLH --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 06:15:55 2007-11-28 + Résultat de l'analyse: C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126654.ini -> Adware.Sahat : Nettoyé. C:\System Volume Information\_restore{FD800764-76F2-4733-8454-F2186A20644F}\RP398\A0126653.dll -> Adware.WinAD : Nettoyé. C:\Documents and Settings\profil1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\profil1\Cookies\profil1@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\profil1\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\profil1\Cookies\profil1@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\profil1\Cookies\profil1@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\profil1\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Nettoyé. C:\Documents and Settings\profil1\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Nettoyé. C:\Documents and Settings\profil1\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Nettoyé. C:\Documents and Settings\profil1\Cookies\profil1@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé. C:\Documents and Settings\profil1\Cookies\[email protected][2].txt -> TrackingCookie.Netflame : Nettoyé. C:\Documents and Settings\profil1\Cookies\profil1@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\profil1\Cookies\[email protected][2].txt -> TrackingCookie.Webtrends : Nettoyé. Fin du rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 06:23:46, on 2007-11-28 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\msanton.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Download\Spyware\Hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.novem.ca/Novem_accueil_fichiers/slide0005.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\msanton.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\timoty.exe O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" O4 - HKCU\..\Run: [froody] C:\WINDOWS\system32\timoty.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: setings.exe O4 - Global Startup: startup.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- End of file - 6220 bytes

Bonjour, Ci-dessous le rapport de ComboFix suivant les opérations requises. Sur siri.urz.free.fr/upload, j'ai eu le message suivant pour les 2 fichiers à traiter : Le fichier existe déja, une analyse est en cours... Merci de ne pas renvoyer le fichier. Vous allez être redirigé, sinon cliquez ici *************** De plus, après le reboot généré par de ComboFix, j'ai eu le message suivant via mon programme Sypbot Catégorie : System Stratup user entry Modif: Valeur deleted Élemément: froody Ancienne valeur : C:\WINDOWS\system32\timoty.exe J'ai refusé la modif Je n'ai pas encore rebooter mais j'ai encore le pop-up Potential Spyware Operation Merci !!!! ComboFix 07-11-19.3 - profil1 2007-11-27 18:17:22.3 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.99 [GMT -5:00] Running from: C:\Documents and Settings\profil1\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\profil1\Bureau\CFScript.txt * Created a new restore point FILE C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ C:\Documents and Settings\profil1\wn852.exe C:\WINDOWS\system32\libcurl.dll C:\WINDOWS\system32\msanton.exe C:\WINDOWS\system32\sol852.txt C:\WINDOWS\system32\timoty.exe C:\WINDOWS\trayicons.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\profil1\wn852.exe C:\WINDOWS\system32\libcurl.dll C:\WINDOWS\system32\msanton.exe C:\WINDOWS\system32\sol852.txt C:\WINDOWS\system32\timoty.exe C:\WINDOWS\trayicons.exe . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-27 to 2007-11-27 )))))))))))))))))))))))))))))))))))) . 2007-11-24 12:58 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot 2007-11-24 11:27 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys 2007-11-24 11:26 1,526,072 --a------ C:\WINDOWS\WRSetup.dll 2007-11-24 11:14 <REP> d-------- C:\Program Files\Webroot 2007-11-24 11:14 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot 2007-11-24 11:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Webroot 2007-11-24 11:14 163,640 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys 2007-11-24 11:14 21,816 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys 2007-11-24 11:12 <REP> d-------- C:\Documents and Settings\profil1\Application Data\Webroot 2007-11-24 00:00 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft 2007-11-23 23:43 <REP> d-------- C:\Documents and Settings\profil1\Application Data\Grisoft 2007-11-23 23:42 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-11-23 22:25 <REP> d-------- C:\Program Files\RegistrySmart 2007-11-23 22:25 <REP> d-------- C:\Documents and Settings\profil1\Application Data\RegistrySmart 2007-11-23 20:47 <REP> d-------- C:\Program Files\Yahoo! 2007-11-23 20:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2007-11-23 20:46 <REP> d-------- C:\Program Files\CCleaner 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Voisinage r‚seau 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\ModŠles 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Mes documents 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Menu D‚marrer 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Favoris 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Bureau 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Application Data\Symantec 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Application Data\CyberLink 2007-11-22 23:14 <REP> d-------- C:\Documents and Settings\profil1\Application Data\TrojanHunter 2007-11-22 22:40 <REP> d-------- C:\Program Files\TrojanHunter 5.0 2007-11-22 21:06 15,872 --a------ C:\WINDOWS\windisk.dll 2007-10-28 14:15 <REP> d-------- C:\WINDOWS\MaxTV 2007-10-28 14:15 <REP> d-------- C:\Program Files\DMV 2007-10-27 06:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-10-27 06:34 <REP> d-------- C:\Program Files\Apple Software Update 2007-10-27 06:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-10-27 06:24 <REP> d-------- C:\Program Files\QuickTime . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-27 01:12 --------- d-----w C:\Program Files\adslTV 2007-11-24 23:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7 2007-11-24 19:04 --------- d-----w C:\Documents and Settings\profil1\Application Data\wsInspector 2007-11-24 17:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-11-24 04:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2007-11-18 16:48 --------- d-----w C:\Documents and Settings\profil1\Application Data\Skype 2007-11-08 12:45 --------- d-----w C:\Documents and Settings\profil1\Application Data\AdobeUM 2007-10-28 19:41 --------- d-----w C:\Documents and Settings\profil1\Application Data\vlc 2007-10-19 22:03 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-10-16 01:42 --------- d-----w C:\Program Files\Fichiers communs\NSV 2007-10-16 00:54 --------- d-----w C:\Program Files\Fichiers communs\Nullsoft 2007-10-08 22:03 --------- d-----w C:\Program Files\Skype 2007-10-08 22:03 --------- d-----w C:\Program Files\Fichiers communs\Skype 2007-10-08 22:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype 2007-10-08 20:37 --------- d-----w C:\Program Files\PhotoCam 2007-10-08 19:41 --------- d-----w C:\Program Files\AutoWebCam 2007-10-08 19:40 --------- d-----w C:\Program Files\STOIK Imaging 2007-10-08 19:40 --------- d-----w C:\Documents and Settings\profil1\Application Data\STOIK 2007-10-08 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-01 21:24 23,864 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys 2007-09-21 18:47 202,826 ----a-w C:\WINDOWS\system32\atasnt40.dll 2003-04-24 12:00 94,864 --sh--w C:\WINDOWS\twain.dll 2004-08-19 23:09 50,688 --sh--w C:\WINDOWS\twain_32.dll 2004-08-19 23:09 1,028,096 --sh--w C:\WINDOWS\system32\mfc42.dll 2004-08-19 23:09 54,784 --sh--w C:\WINDOWS\system32\msvcirt.dll 2004-08-19 23:09 413,696 --sh--w C:\WINDOWS\system32\msvcp60.dll 2004-08-19 23:09 343,040 --sh--w C:\WINDOWS\system32\msvcrt.dll 2004-08-19 23:09 553,472 --sh--w C:\WINDOWS\system32\oleaut32.dll 2004-08-19 23:09 83,456 --sh--w C:\WINDOWS\system32\olepro32.dll 2004-08-19 23:10 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe . ((((((((((((((((((((((((((((( snapshot@2007-11-23_ 0.16.22.10 ))))))))))))))))))))))))))))))))))))))))) . + 2007-10-01 21:24:34 16,184 ----a-w C:\WINDOWS\system32\ssiefr.EXE + 2007-10-01 21:24:36 219,448 ----a-w C:\WINDOWS\system32\WRLogonNtf.dll + 2007-10-01 21:24:36 26,424 ----a-w C:\WINDOWS\system32\wrlzma.dll + 2007-01-26 03:14:30 271,936 ----a-w C:\WINDOWS\WRUninstall.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2004-05-12 01:03] "froody"="C:\WINDOWS\system32\timoty.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2004-07-01 13:58 C:\WINDOWS\SOUNDMAN.EXE] "AlcWzrd"="ALCWZRD.EXE" [2004-07-05 20:05 C:\WINDOWS\ALCWZRD.EXE] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-05-20 11:47] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 17:28] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38] "AVG7_EMC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" [2007-05-20 11:47] "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-08-23 23:38] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-27 06:24] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25] "version"="C:\WINDOWS\system32\timoty.exe" [] "SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-10-01 16:40] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 18:09] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-05-20 11:47] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"= 1 (0x1) "DisableTaskMgr"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"= 1 (0x1) "DisableTaskMgr"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoControlPanel"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoControlPanel"= 1 (0x1) "NoWindowsUpdate"= 1 (0x1) R0 SSFS0BB9;Spy Sweeper File System Filer Driver: 0BB9;C:\WINDOWS\system32\Drivers\SSFS0BB9.SYS R3 DCamUSBKodak;Kodak DVC323 Digital Video Camera;C:\WINDOWS\system32\DRIVERS\dvc323.sys R3 WebSTARNdis;WebSTAR DPX USB Cable Modem Adapter;C:\WINDOWS\system32\DRIVERS\WebSTAR.sys . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-11-24 16:55:29 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job" - C:\Program Files\RegistrySmart\RegistrySmart.ex - C:\Program Files\RegistrySmart . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-27 18:24:05 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-27 18:25:49 - machine was rebooted C:\ComboFix2.txt ... 2007-11-25 12:10 C:\ComboFix3.txt ... 2007-11-23 00:16 . --- E O F ---

Rebonjour, Voici le rapport via Combofix Merci. GLH ComboFix 07-11-19.3 - profil1 2007-11-25 12:05:07.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.120 [GMT -5:00] Running from: C:\Documents and Settings\profil1\Bureau\ComboFix.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-10-25 to 2007-11-25 )))))))))))))))))))))))))))))))))))) . 2007-11-24 12:58 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot 2007-11-24 11:27 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys 2007-11-24 11:26 1,526,072 --a------ C:\WINDOWS\WRSetup.dll 2007-11-24 11:14 <REP> d-------- C:\Program Files\Webroot 2007-11-24 11:14 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot 2007-11-24 11:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Webroot 2007-11-24 11:14 163,640 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys 2007-11-24 11:14 23,864 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys 2007-11-24 11:14 21,816 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys 2007-11-24 11:12 <REP> d-------- C:\Documents and Settings\profil1\Application Data\Webroot 2007-11-24 00:00 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft 2007-11-23 23:43 <REP> d-------- C:\Documents and Settings\profil1\Application Data\Grisoft 2007-11-23 23:42 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-11-23 22:25 <REP> d-------- C:\Program Files\RegistrySmart 2007-11-23 22:25 <REP> d-------- C:\Documents and Settings\profil1\Application Data\RegistrySmart 2007-11-23 20:47 <REP> d-------- C:\Program Files\Yahoo! 2007-11-23 20:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2007-11-23 20:46 <REP> d-------- C:\Program Files\CCleaner 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Voisinage réseau 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2007-11-23 16:54 <REP> d-ah----- C:\Documents and Settings\Administrateur\Modèles 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Mes documents 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Menu Démarrer 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Favoris 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Bureau 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Application Data\Symantec 2007-11-23 16:54 <REP> d-a------ C:\Documents and Settings\Administrateur\Application Data\CyberLink 2007-11-22 23:19 289,280 --a------ C:\WINDOWS\system32\libcurl.dll 2007-11-22 23:19 6,144 --a------ C:\WINDOWS\system32\msanton.exe 2007-11-22 23:14 <REP> d-------- C:\Documents and Settings\profil1\Application Data\TrojanHunter 2007-11-22 22:40 <REP> d-------- C:\Program Files\TrojanHunter 5.0 2007-11-22 21:09 8,116 --a------ C:\WINDOWS\system32\sol852.txt 2007-11-22 21:06 15,872 --a------ C:\WINDOWS\windisk.dll 2007-11-22 20:48 28,417 --a------ C:\WINDOWS\trayicons.exe 2007-11-18 14:21 28,417 --a------ C:\Documents and Settings\profil1\wn852.exe 2007-10-28 14:18 9 --a------ C:\WINDOWS\system32\client.sid 2007-10-28 14:15 <REP> d-------- C:\WINDOWS\MaxTV 2007-10-28 14:15 <REP> d-------- C:\Program Files\DMV 2007-10-27 06:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-10-27 06:34 <REP> d-------- C:\Program Files\Apple Software Update 2007-10-27 06:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-10-27 06:24 <REP> d-------- C:\Program Files\QuickTime . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-25 01:31 --------- d-----w C:\Program Files\adslTV 2007-11-24 23:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7 2007-11-24 19:04 --------- d-----w C:\Documents and Settings\profil1\Application Data\wsInspector 2007-11-24 17:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-11-24 04:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2007-11-23 04:19 6,144 ----a-w C:\WINDOWS\system32\timoty.exe 2007-11-18 16:48 --------- d-----w C:\Documents and Settings\profil1\Application Data\Skype 2007-11-08 12:45 --------- d-----w C:\Documents and Settings\profil1\Application Data\AdobeUM 2007-10-28 19:41 --------- d-----w C:\Documents and Settings\profil1\Application Data\vlc 2007-10-19 22:03 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-10-16 01:42 --------- d-----w C:\Program Files\Fichiers communs\NSV 2007-10-16 00:54 --------- d-----w C:\Program Files\Fichiers communs\Nullsoft 2007-10-08 22:03 --------- d-----w C:\Program Files\Skype 2007-10-08 22:03 --------- d-----w C:\Program Files\Fichiers communs\Skype 2007-10-08 22:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype 2007-10-08 20:37 --------- d-----w C:\Program Files\PhotoCam 2007-10-08 19:41 --------- d-----w C:\Program Files\AutoWebCam 2007-10-08 19:40 --------- d-----w C:\Program Files\STOIK Imaging 2007-10-08 19:40 --------- d-----w C:\Documents and Settings\profil1\Application Data\STOIK 2007-10-08 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-09-21 18:47 202,826 ----a-w C:\WINDOWS\system32\atasnt40.dll 2003-04-24 12:00 94,864 --sh--w C:\WINDOWS\twain.dll 2004-08-19 23:09 50,688 --sh--w C:\WINDOWS\twain_32.dll 2004-08-19 23:09 1,028,096 --sh--w C:\WINDOWS\system32\mfc42.dll 2004-08-19 23:09 54,784 --sh--w C:\WINDOWS\system32\msvcirt.dll 2004-08-19 23:09 413,696 --sh--w C:\WINDOWS\system32\msvcp60.dll 2004-08-19 23:09 343,040 --sh--w C:\WINDOWS\system32\msvcrt.dll 2004-08-19 23:09 553,472 --sh--w C:\WINDOWS\system32\oleaut32.dll 2004-08-19 23:09 83,456 --sh--w C:\WINDOWS\system32\olepro32.dll 2004-08-19 23:10 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe . ((((((((((((((((((((((((((((( snapshot@2007-11-23_ 0.16.22.10 ))))))))))))))))))))))))))))))))))))))))) . + 2007-10-01 21:24:34 16,184 ----a-w C:\WINDOWS\system32\ssiefr.EXE + 2007-10-01 21:24:36 219,448 ----a-w C:\WINDOWS\system32\WRLogonNtf.dll + 2007-10-01 21:24:36 26,424 ----a-w C:\WINDOWS\system32\wrlzma.dll + 2007-01-26 03:14:30 271,936 ----a-w C:\WINDOWS\WRUninstall.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2004-05-12 01:03] "froody"="C:\WINDOWS\system32\timoty.exe" [2007-11-22 23:19] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2004-07-01 13:58 C:\WINDOWS\SOUNDMAN.EXE] "AlcWzrd"="ALCWZRD.EXE" [2004-07-05 20:05 C:\WINDOWS\ALCWZRD.EXE] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-05-20 11:47] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 17:28] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38] "AVG7_EMC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" [2007-05-20 11:47] "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-08-23 23:38] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-27 06:24] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25] "version"="C:\WINDOWS\system32\timoty.exe" [2007-11-22 23:19] "SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-10-01 16:40] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 18:09] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-05-20 11:47] C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ setings.exe [2007-11-22 23:19:58] C:\Documents and Settings\profil1\Menu D‚marrer\Programmes\D‚marrage\ setings.exe [2007-11-22 23:19:58] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ startup.exe [2007-11-22 23:19:58] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "froody"=C:\WINDOWS\system32\timoty.exe "timeNoticeSL001"="C:\Documents and Settings\profil1\wn852.exe" net [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "version"=C:\WINDOWS\system32\timoty.exe R0 SSFS0BB9;Spy Sweeper File System Filer Driver: 0BB9;C:\WINDOWS\system32\Drivers\SSFS0BB9.SYS R3 DCamUSBKodak;Kodak DVC323 Digital Video Camera;C:\WINDOWS\system32\DRIVERS\dvc323.sys R3 WebSTARNdis;WebSTAR DPX USB Cable Modem Adapter;C:\WINDOWS\system32\DRIVERS\WebSTAR.sys . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-11-24 16:55:29 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job" - C:\Program Files\RegistrySmart\RegistrySmart.exe - C:\Program Files\RegistrySmart . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-25 12:09:02 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-25 12:10:27 C:\ComboFix2.txt ... 2007-11-23 00:16 . --- E O F ---

Bonjour Bru Lee, Voici le rapport via smitfraudfix Merci P.S. désolé pour les 2 réponses vide. C'est mon erreur de débutant.... SmitFraudFix v2.254 Rapport fait à 7:23:04,01, 2007-11-25 Executé à partir de C:\Download\Spyware\Smitfraud\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\msanton.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\profil1 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\profil1\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\profil1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: WebSTAR DPX USB Cable Modem Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 24.200.241.37 DNS Server Search Order: 24.201.245.77 DNS Server Search Order: 24.200.243.189 HKLM\SYSTEM\CCS\Services\Tcpip\..\{22F396DE-0056-4B62-87FB-504F35026341}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189 HKLM\SYSTEM\CS1\Services\Tcpip\..\{22F396DE-0056-4B62-87FB-504F35026341}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189 HKLM\SYSTEM\CS2\Services\Tcpip\..\{22F396DE-0056-4B62-87FB-504F35026341}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin