abricot31

salut gof!!! comment faire pour suprimmer les virus et object trouvé par kaspersky online g appuyer sur "new scan" et suite a nouveau scan , ben c le meme resultat , les virus n ont il pas ete chassé??

waooo super kaspersky online scanner j aime bien!!! voici son rapport merci bien!!! gof ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Friday, January 25, 2008 12:26:30 PM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 25/01/2008 Kaspersky Anti-Virus database records: 532093 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ Scan Statistics: Total number of scanned objects: 63454 Number of viruses found: 2 Number of infected objects: 5 Number of suspicious objects: 0 Duration of the scan process: 00:55:31 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\user\.housecall6.6\Quarantine\facebook.com-carpeta5.zip.bac_a02972/pictura-002.JPEG-www.facebook.com Infected: Backdoor.Win32.IRCBot.aqz skipped C:\Documents and Settings\user\.housecall6.6\Quarantine\facebook.com-carpeta5.zip.bac_a02972 ZIP: infected - 1 skipped C:\Documents and Settings\user\.housecall6.6\Quarantine\facebook.com-carpeta5.zip.bac_a02972 CryptFF.b: infected - 1 skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\call1024.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\call256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\call512.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\callmember256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chat1024.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chat16384.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chat2048.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chat256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chat4096.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chat512.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chat8192.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmember256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg1024.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg16384.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg2048.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg32768.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg4096.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg512.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatmsg8192.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatsync\2b\2b6fb8257bddb884.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatsync\94\94e31cf687650799.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatsync\98\98e9b860707c36ab.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatsync\c5\c533eed3e7fa4bea.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\chatsync\e8\e89ce40667015ae9.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\contactgroup256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\dyncontent\bundle.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\index2.dat Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\profile4096.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\transfer256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\transfer512.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\user1024.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\user16384.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\user256.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\user32768.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\user4096.dbb Object is locked skipped C:\Documents and Settings\user\Application Data\Skype\soufianou1\voicemail256.dbb Object is locked skipped C:\Documents and Settings\user\Cookies\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Ares\My Shared Folder\avg anti-spyware plus 7 5 1 43 3339 patched multilingual-rel.rar/Setup + Patch.exe Infected: Trojan.Win32.Pakes.bzo skipped C:\Documents and Settings\user\Local Settings\Application Data\Ares\My Shared Folder\avg anti-spyware plus 7 5 1 43 3339 patched multilingual-rel.rar CAB: infected - 1 skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\user\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\user\NTUSER.DAT Object is locked skipped C:\Documents and Settings\user\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{98C79A28-BB8A-4F9F-B7F8-88910C9E04F6}\RP408\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped C:\WINDOWS\Internet Logs\USER-6C29F98C60.ldb Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_73c.dat Object is locked skipped C:\WINDOWS\Temp\ZLT01975.TMP Object is locked skipped C:\WINDOWS\Temp\ZLT01979.TMP Object is locked skipped C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.

bonjour gof dieu merci je n ai eu aucun pblem sauf ce matin , g eu une fenetre de spybot me disant qu une modification importante du registre a eu lieu au sujet du fichier "mssecure.exe" et ma demandé si j acceptai ou non (cette modif) j ai choisi d accepter j esper avoir pris la bonne decision!!! bonne journée a toi !!!

bonjour gof!!! voila les 2 rapports !! je pense avoir suivie a la lettre tes instuctions !! y a du mieu ?? je comprend pas grand chose WINSeeker 1.0B - bibi26 Fichier/dossier recherché : mssecure.exe Date recherchée : Aucune (jj/mm/aaaa) Répertoire à scanner : c:\ (Récursif) --> Fichiers/Dossiers trouvés --> Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 12:57:18, on 24/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\DAP\DAP.EXE C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.312\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meteomedia.com/weather/agxx0006/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [speedOptimizer] C:\PROGRA~1\SPEEDO~1\SPO.EXE -s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: www.secuser.com O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DE1FDF38-FA70-4FA0-85C3-4C79A04FFB93}: NameServer = 208.67.222.222 193.55.10.102 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator\LogoMedia TranslateDotNet Server.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe merci pour ton aide gof!!!!

bonjour gof le voici : Logfile of HijackThis v1.99.1 Scan saved at 14:41:32, on 23/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Ares\Ares.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\DAP\DAP.EXE C:\Program Files\ooVoo\ooVoo.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\VideoLAN\VLC\vlc.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.782\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meteomedia.com/weather/agxx0006/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [speedOptimizer] C:\PROGRA~1\SPEEDO~1\SPO.EXE -s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Microsoft Security] mssecure.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: www.secuser.com O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DE1FDF38-FA70-4FA0-85C3-4C79A04FFB93}: NameServer = 208.67.222.222 193.55.10.102 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator\LogoMedia TranslateDotNet Server.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe merci gof

salut gof voici le rapport msn fix : MSNFix 1.639-2 C:\Documents and Settings\user\Bureau\MSNFix Fix exécuté le 22/01/2008 - 12:59:23,43 By user mode normal ************************ Recherche les fichiers présents ... C:\DOCUME~1\user\LOCALS~1\Temp\*.dmp ... C:\DOCUME~1\user\LOCALS~1\Temp\facebook.com*.zip ************************ Recherche les dossiers présents Aucun dossier trouvé ************************ Suppression des fichiers .. OK ... C:\DOCUME~1\user\LOCALS~1\Temp\*.dmp .. OK ... C:\DOCUME~1\user\LOCALS~1\Temp\facebook.com*.zip ************************ Nettoyage du registre ************************ Fichiers suspects Aucun Fichier trouvé Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22012008_13034934.zip ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- merci gof

bonjour gof comme tu me la conseillé, g desactivé toute la securité,g fait l extraction complete du fichier "diag help" (l archive) et puis enfin g lancé go.cmd dont voici le rapport.diag help ma demandé d uploader un fichier chose que g essayer de faire sans succé.(apres avoir selectionné le fichier ds "parcourir" qd je clique sur "envoyer" rien ne se produit ) la fentere noire "c windows systeme 32 cmd.exe me demande d appyuer sur une touche pour continuer, la aussi rien ne se produit )et puis y a avg qui me sort une fenetre (je vien de le reactiver) qui m indique la presence de "trojan.inject.mf " ds "c\doc\user\temp\krfgevrh9f98c60.dll" et me conseil de "nettoyer et de metre en quarentaine" chose que je viens de faire!!!(en esperant avoir prix la bonne decision) es que c est le trojan isolé et reperé par diag help ?(et mis ds le fichier qu on ma demander d uploader) voicie le rapport de diaghelp:(merci beaucoup gof) DiagHelp version v1.4 - http://www.malekal.com excute le 21/01/2008 à 12:23:24,85 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->21/01/2008 12:23:16 C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->21/01/2008 12:22:09 C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->21/01/2008 12:20:29 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->21/01/2008 12:19:36 C:\WINDOWS\prefetch\WSCNTFY.EXE-1B24F5EB.pf -->21/01/2008 12:13:36 C:\WINDOWS\prefetch\A2FREE.EXE-34CE1BFD.pf -->21/01/2008 12:10:36 C:\WINDOWS\prefetch\ASHQUICK.EXE-13F2975D.pf -->21/01/2008 12:10:06 C:\WINDOWS\prefetch\WMIPRVSE.EXE-28F301A9.pf -->21/01/2008 12:05:03 C:\WINDOWS\prefetch\AVAST.SETUP-032170A8.pf -->21/01/2008 11:47:46 C:\WINDOWS\prefetch\Layout.ini -->21/01/2008 09:02:26 C:\WINDOWS\System32\drivers\fidbox.idx -->17/01/2008 13:23:31 C:\WINDOWS\System32\drivers\fidbox.dat -->17/01/2008 13:23:31 C:\WINDOWS\System32\drivers\aswmon.sys -->04/12/2007 15:56:02 C:\WINDOWS\System32\drivers\aswmon2.sys -->04/12/2007 15:55:46 C:\WINDOWS\System32\drivers\aswRdr.sys -->04/12/2007 15:53:39 C:\WINDOWS\System32\drivers\aswTdi.sys -->04/12/2007 15:51:52 C:\WINDOWS\System32\drivers\aavmker4.sys -->04/12/2007 15:49:02 C:\WINDOWS\System32\vsconfig.xml -->21/01/2008 07:33:35 C:\WINDOWS\System32\wpa.dbl -->20/01/2008 13:56:13 C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->06/01/2008 15:52:43 C:\WINDOWS\System32\TZLog.log -->12/12/2007 07:38:11 C:\WINDOWS\System32\CONFIG.NT -->11/12/2007 15:14:07 C:\WINDOWS\System32\aswBoot.exe -->04/12/2007 14:04:28 C:\WINDOWS\System32\AVASTSS.scr -->04/12/2007 13:54:04 C:\WINDOWS\System32\MRT.exe -->03/12/2007 00:00:05 C:\WINDOWS\System32\jscript.dll -->14/11/2007 08:28:02 C:\WINDOWS\System32\tzchange.exe -->13/11/2007 12:31:11 C:\WINDOWS\System32\zllictbl.dat -->05/11/2007 12:08:32 C:\WINDOWS\System32\mshtml.dll -->30/10/2007 11:18:16 C:\WINDOWS\System32\quartz.dll -->29/10/2007 23:43:32 C:\WINDOWS\System32\xpsp3res.dll -->29/10/2007 16:35:14 C:\WINDOWS\System32\perfh00C.dat -->28/10/2007 13:44:32 C:\WINDOWS\System32\perfh009.dat -->28/10/2007 13:44:32 C:\WINDOWS\System32\perfc00C.dat -->28/10/2007 13:44:32 C:\WINDOWS\System32\perfc009.dat -->28/10/2007 13:44:32 C:\WINDOWS\System32\PerfStringBackup.INI -->28/10/2007 13:44:31 C:\WINDOWS\System32\shell32.dll -->25/10/2007 17:56:24 C:\WINDOWS\System32\wmasf.dll -->25/10/2007 09:28:30 C:\WINDOWS\System32\wininet.dll -->11/10/2007 07:13:41 C:\WINDOWS\System32\urlmon.dll -->11/10/2007 07:13:41 C:\WINDOWS\System32\shlwapi.dll -->11/10/2007 07:13:41 C:\WINDOWS\System32\shdocvw.dll -->11/10/2007 07:13:40 C:\WINDOWS\WindowsUpdate.log -->21/01/2008 07:34:17 C:\WINDOWS.log -->21/01/2008 07:33:32 C:\WINDOWS\wiadebug.log -->21/01/2008 07:33:31 C:\WINDOWS\wiaservc.log -->21/01/2008 07:33:29 C:\WINDOWS\bootstat.dat -->21/01/2008 07:32:14 C:\WINDOWS\SchedLgU.Txt -->20/01/2008 23:33:17 C:\WINDOWS\NeroDigital.ini -->20/01/2008 17:59:56 C:\WINDOWS\ntbtlog.txt -->19/01/2008 08:27:10 C:\WINDOWS\wmsetup.log -->13/01/2008 14:37:00 C:\WINDOWS\setupact.log -->11/01/2008 16:50:30 C:\WINDOWS\SCARFACE AUTOCRACK (OPTIMA SYSTEMS RELEASE) Uninstall Log.txt -->11/01/2008 15:36:13 C:\WINDOWS\setupapi.log -->10/01/2008 19:22:37 C:\WINDOWS\IE4 Error Log.txt -->08/01/2008 23:25:48 C:\WINDOWS\tsoc.log -->22/12/2007 07:54:21 C:\WINDOWS\tabletoc.log -->22/12/2007 07:54:21 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1524 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x00c30000 0x7000 1.01.0000.0162 C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll 0x10000000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll 0x012a0000 0x38000 3.00.0000.0058 C:\Program Files\a-squared Free\a2freecontmenu.dll 0x52200000 0xb000 7.00.0362.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll 0x02350000 0x4000 5.03.0017.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan_Loc040c.dll 0x64f00000 0x12000 4.07.1098.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll 0x02470000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x35550000 0xe000 8.00.0000.0003 C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL 0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x024a0000 0x2a000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll 0x02d90000 0x11a000 1.05.0000.0008 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll 0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\wmvcore.dll 0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL 0x00c80000 0x19000 1.00.0201.0000 C:\WINDOWS\system32\CmdLineExt.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 756 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1490-B735 Répertoire de C:\WINDOWS\temp 05/11/2004 09:29 208 896 alcupd.exe 27/10/2004 08:47 40 960 ChCfg.exe 17/11/2004 09:11 9 319 936 RTLCPL.exe 15/11/2004 11:20 77 824 soundman.exe 4 fichier(s) 9 647 616 octets 0 Rép(s) 23 484 928 000 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1490-B735 Répertoire de C:\WINDOWS\system32 04/08/2004 00:54 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 23 484 928 000 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1490-B735 Répertoire de C:\WINDOWS\Downloaded Program Files 09/11/2007 15:03 <REP> . 09/11/2007 15:03 <REP> .. 01/11/2006 00:14 65 desktop.ini 10/04/2000 16:12 1 765 fhg.inf 02/11/2005 18:01 1 777 xscan.inf 02/11/2005 18:07 435 712 xscan53.ocx 4 fichier(s) 439 319 octets Total des fichiers listés : 4 fichier(s) 439 319 octets 2 Rép(s) 23 484 928 000 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade" "C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Enabled:pes6.exe" "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent" "C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 avpcheckupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 exeupdate.com 127.0.0.1 www.exeupdate.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 msupdate.net 127.0.0.1 www.msupdate.net 127.0.0.1 msupdater.net 127.0.0.1 www.msupdater.net 127.0.0.1 necessaryupdates.com 127.0.0.1 www.necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 securityupdatesite.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 systemupdates.net 127.0.0.1 www.systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 updatemysettings.com 127.0.0.1 www.updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.com 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 update.680180.net 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 panda-hq.com 127.0.0.1 www.panda-hq.com catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-21 12:25:21 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 352 - svchost.exe 716 - csrss.exe 756 - winlogon.exe 800 - services.exe 812 - lsass.exe 988 - svchost.exe 1056 - svchost.exe 1152 - svchost.exe 1320 - svchost.exe 1440 - guard.exe 1524 - explorer.exe 1656 - MDM.EXE 1740 - firefox.exe 1848 - ashServ.exe 2028 - nvsvc32.exe 2052 - cmd.exe 2372 - ashMaiSv.exe 2452 - SOUNDMAN.EXE 2540 - PDVDServ.exe 2588 - ashDisp.exe 2612 - ashWebSv.exe 2732 - SweetIM.exe 2828 - ctfmon.exe 2848 - wscntfy.exe 2896 - GoogleToolbarNo 2976 - IEXPLORE.EXE 3140 - LimeWire.exe 3192 - DAP.exe 3316 - IEXPLORE.EXE 3380 - Skype.exe 3892 - skypePM.exe Total number of processes = 32 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E2000 - \WINDOWS\system32\hal.dll F7ADB000 - \WINDOWS\system32\KDCOM.DLL F79EB000 - \WINDOWS\system32\BOOTVID.dll F74AB000 - ACPI.sys F7ADD000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F749A000 - pci.sys F75DB000 - isapnp.sys F7BA3000 - pciide.sys F785B000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F7ADF000 - intelide.sys F75EB000 - MountMgr.sys F747B000 - ftdisk.sys F7AE1000 - dmload.sys F7455000 - dmio.sys F7863000 - PartMgr.sys F75FB000 - sfsync03.sys F760B000 - VolSnap.sys F743D000 - atapi.sys F761B000 - disk.sys F762B000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F741D000 - fltMgr.sys F740B000 - sr.sys F73F4000 - KSecDD.sys F7367000 - Ntfs.sys F733A000 - NDIS.sys F731E000 - kl1.sys F786B000 - \WINDOWS\system32\DRIVERS\TDI.SYS F730A000 - srescan.sys F7873000 - sfhlp02.sys F72F8000 - sfdrv01.sys F72DD000 - Mup.sys F763B000 - agp440.sys F768B000 - \SystemRoot\system32\DRIVERS\intelppm.sys F6A9E000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys F6A8A000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F790B000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F6A67000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F7913000 - \SystemRoot\system32\DRIVERS\usbehci.sys F6A3C000 - \SystemRoot\system32\DRIVERS\yukonwxp.sys F791B000 - \SystemRoot\system32\DRIVERS\fdc.sys F6A2B000 - \SystemRoot\system32\DRIVERS\serial.sys F7AC3000 - \SystemRoot\system32\DRIVERS\serenum.sys F6A17000 - \SystemRoot\system32\DRIVERS\parport.sys F769B000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7923000 - \SystemRoot\system32\DRIVERS\mouclass.sys F792B000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F76AB000 - \SystemRoot\system32\DRIVERS\imapi.sys F76BB000 - \SystemRoot\system32\DRIVERS\cdrom.sys F76CB000 - \SystemRoot\system32\DRIVERS\redbook.sys F69F4000 - \SystemRoot\system32\DRIVERS\ks.sys F67B2000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F678E000 - \SystemRoot\system32\drivers\portcls.sys F76DB000 - \SystemRoot\system32\drivers\drmk.sys F7C96000 - \SystemRoot\system32\DRIVERS\audstub.sys F76EB000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F7ACF000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F6777000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F76FB000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F770B000 - \SystemRoot\system32\DRIVERS\raspptp.sys F6766000 - \SystemRoot\system32\DRIVERS\psched.sys F771B000 - \SystemRoot\system32\DRIVERS\msgpc.sys F7933000 - \SystemRoot\system32\DRIVERS\ptilink.sys F793B000 - \SystemRoot\system32\DRIVERS\raspti.sys F671B000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F772B000 - \SystemRoot\system32\DRIVERS\termdd.sys F7B13000 - \SystemRoot\system32\DRIVERS\swenum.sys F66C2000 - \SystemRoot\system32\DRIVERS\update.sys F72AD000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F774B000 - \SystemRoot\System32\Drivers\NDProxy.SYS F775B000 - \SystemRoot\system32\DRIVERS\usbhub.sys F7B1B000 - \SystemRoot\system32\DRIVERS\USBD.SYS F794B000 - \SystemRoot\system32\DRIVERS\flpydisk.sys F53A4000 - \SystemRoot\system32\DRIVERS\klif.sys F796B000 - \SystemRoot\system32\DRIVERS\usbccgp.sys F7B29000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7C05000 - \SystemRoot\System32\Drivers\Null.SYS F7B2D000 - \SystemRoot\System32\Drivers\Beep.SYS F7C11000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys F7973000 - \SystemRoot\System32\drivers\vga.sys F7B33000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7B35000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F797B000 - \SystemRoot\System32\Drivers\Msfs.SYS F7983000 - \SystemRoot\System32\Drivers\Npfs.SYS F6E69000 - \SystemRoot\system32\DRIVERS\rasacd.sys F52CA000 - \SystemRoot\system32\DRIVERS\ipsec.sys F5272000 - \SystemRoot\system32\DRIVERS\tcpip.sys F6EF5000 - \SystemRoot\System32\Drivers\aswTdi.SYS F5251000 - \SystemRoot\system32\DRIVERS\ipnat.sys F5229000 - \SystemRoot\system32\DRIVERS\netbt.sys F6EE5000 - \SystemRoot\system32\DRIVERS\wanarp.sys F51C9000 - \SystemRoot\System32\vsdatant.sys F51A8000 - \SystemRoot\system32\DRIVERS\pfc027.sys F6ED5000 - \SystemRoot\system32\DRIVERS\STREAM.SYS F66BA000 - \SystemRoot\system32\DRIVERS\hidusb.sys F6EA5000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS F7993000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS F509F000 - \SystemRoot\System32\drivers\afd.sys F6E95000 - \SystemRoot\system32\DRIVERS\netbios.sys F5074000 - \SystemRoot\system32\DRIVERS\rdbss.sys F5005000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F6E85000 - \SystemRoot\System32\Drivers\Fips.SYS F7C5F000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys F79A3000 - \SystemRoot\System32\Drivers\Aavmker4.SYS F767B000 - \SystemRoot\System32\Drivers\Cdfs.SYS F4E2A000 - \SystemRoot\System32\Drivers\dump_atapi.sys F7B71000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F53A0000 - \SystemRoot\System32\drivers\Dxapi.sys F79CB000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7C74000 - \SystemRoot\System32\drivers\dxgthk.sys BF012000 - \SystemRoot\System32\nv4_disp.dll BA5FC000 - \SystemRoot\system32\DRIVERS\ndisuio.sys B9B35000 - \SystemRoot\System32\Drivers\Fastfat.SYS B9A57000 - \SystemRoot\System32\Drivers\aswMon2.SYS B9812000 - \SystemRoot\system32\drivers\wdmaud.sys F4E92000 - \SystemRoot\system32\drivers\sysaudio.sys B9655000 - \SystemRoot\system32\DRIVERS\mrxdav.sys F7B2F000 - \SystemRoot\System32\Drivers\ParVdm.SYS B95DB000 - \SystemRoot\system32\DRIVERS\srv.sys F5131000 - \SystemRoot\system32\DRIVERS\secdrv.sys B95B3000 - \SystemRoot\System32\Drivers\aswRdr.SYS B9039000 - \SystemRoot\System32\Drivers\HTTP.sys B448C000 - \SystemRoot\system32\drivers\kmixer.sys F7C32000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 126 Liste des programmes installes a-squared Free 3.1 Adobe Flash Player 9 ActiveX Artweaver avast! Antivirus AVG Anti-Spyware 7.5 BitTorrent 5.0.9 Command & Conquer Generals Command & Conquer Generals Composant Hmk Correctif Windows XP - KB873339 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Crazy Taxi Dive Download Accelerator Plus (DAP) eMedia eMule F1 2002 Google Earth Google Toolbar for Internet Explorer Gran Diccionario de la Lengua Española HijackThis 1.99.1 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB926239) J2SE Runtime Environment 5.0 Update 10 Java 6 Update 3 Java SE Runtime Environment 6 Update 1 L'ile au trésor Language Engineering Power Translator Le Visuel Les Indispensables Éducation pour Microsoft Office LimeWire PRO 4.12.11 Macrogaming SweetIM 1.2a Marvell Miniport Driver Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Encarta 2007 - Études Microsoft Encarta Maths Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB929969) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931768) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933566) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB937143) Mise à jour de sécurité pour Windows XP (KB937894) Mise à jour de sécurité pour Windows XP (KB938127) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB939653) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB942615) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB944653) Mise à jour Encarta_Les Indispensables Éducation Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB936357) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) Mise à jour pour Windows XP (KB942840) Mise à jour pour Windows XP (KB946627) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Mozilla Firefox (2.0.0.11) MSN MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) Nero OEM NVIDIA Drivers PC Camera PC Camera PowerDVD Pro Evolution Soccer 6 Pro Evolution Soccer 6 Quick Zip 4.60.017b Race Driver 3 Realtek AC'97 Audio Rebel Raiders: Operation Nighthawk Security Update pour Microsoft .NET Framework 2.0 (KB928365) Shareaza 2.3.1.0 Skype™ 3.5 Snowboarding Championship 2004 SpeedOptimizer SpeedRam2 Spider-Man 2 Spider-Man 2 Spybot - Search & Destroy SweetIM For Internet Explorer 1.0a TopSpin TopSpin VIDAL CD VideoLAN VLC media player 0.8.6d WebFldrs XP Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime WinRAR archiver WordWeb xp-AntiSpy 3.96-6 Xvid 1.1.3 final uninstall Yahoo! Anti-Spy Yahoo! Install Manager Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up ZoneAlarm Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1490-B735 Répertoire de C:\Program Files 14/01/2008 12:28 <REP> . 14/01/2008 12:28 <REP> .. 01/09/2007 12:03 <REP> Activision 01/09/2007 12:09 <REP> Activision Value 10/01/2008 10:17 <REP> Ahead 19/12/2006 15:38 <REP> Alwil Software 28/04/2007 21:46 <REP> Artweaver 0.4 12/01/2008 10:26 <REP> a-squared Free 10/09/2007 10:22 <REP> Atari 01/11/2006 00:28 <REP> AvRack 09/01/2008 08:07 <REP> BitTorrent 07/12/2006 22:25 <REP> Codemasters 25/12/2006 21:35 <REP> Common Files 01/11/2006 00:11 <REP> ComPlus Applications 06/12/2006 15:33 <REP> CyberLink 19/12/2006 16:28 <REP> DAP 09/12/2007 13:32 <REP> Dictionnaire 27/08/2007 19:55 <REP> Dive 08/12/2006 14:38 <REP> EA Games 27/04/2007 15:12 <REP> EA SPORTS 08/01/2008 14:15 <REP> eMule 10/01/2008 10:16 <REP> Fichiers communs 06/05/2007 23:03 <REP> Google 14/01/2008 12:28 <REP> Grisoft 01/11/2006 00:26 <REP> Intel 11/12/2007 22:55 <REP> Internet Explorer 06/01/2008 15:52 <REP> Java 01/01/2002 00:11 <REP> KONAMI 07/12/2006 22:04 <REP> Learning Essentials 12/01/2008 10:52 <REP> LimeWire 12/01/2008 12:08 <REP> Macrogaming 01/11/2006 00:27 <REP> Marvell 03/01/2007 08:21 <REP> Messenger 07/12/2006 22:05 <REP> Microsoft Etudes 01/11/2006 00:16 <REP> microsoft frontpage 01/11/2006 00:34 <REP> Microsoft Office 01/11/2006 00:34 <REP> Microsoft Visual Studio 01/11/2006 00:34 <REP> Microsoft Works 01/11/2006 00:35 <REP> Microsoft.NET 01/11/2006 00:12 <REP> Movie Maker 21/01/2008 08:03 <REP> Mozilla Firefox 12/02/2007 21:02 <REP> MSN 01/11/2006 00:11 <REP> MSN Gaming Zone 05/11/2007 20:05 <REP> MSN Messenger 04/01/2007 09:05 <REP> MSXML 4.0 16/08/2007 13:08 <REP> MSXML 6.0 01/11/2006 00:13 <REP> NetMeeting 07/12/2006 14:11 <REP> NovaLogic 01/11/2006 00:11 <REP> Online Services 14/06/2007 13:08 <REP> Outlook Express 25/12/2006 21:35 <REP> PC Camera 13/12/2006 15:24 <REP> Power Translator 10/09/2007 09:24 <REP> QA International 11/01/2008 15:37 <REP> QuickTime 24/01/2007 13:52 <REP> QuickZip4 07/12/2006 23:26 <REP> Radical Games 01/11/2006 00:28 <REP> Realtek Sound Manager 14/03/2007 18:55 <REP> Rebel Raiders Operation Nighthawk 27/08/2007 13:24 <REP> SDLL 13/12/2006 17:29 <REP> Sega 01/11/2006 00:13 <REP> Services en ligne 12/01/2008 19:02 <REP> Shareaza 17/08/2007 21:17 <REP> Skype 19/12/2006 16:29 <REP> SpeedOptimizer 10/02/2007 15:13 <REP> SpeedRam2 04/11/2007 22:49 <REP> Spybot - Search & Destroy 09/01/2008 12:41 <REP> uTorrent 11/12/2006 21:57 <REP> VIDAL 10/01/2008 20:46 <REP> VideoLAN 22/02/2007 13:43 <REP> Windows Media Connect 2 22/02/2007 16:21 <REP> Windows Media Player 01/11/2006 00:11 <REP> Windows NT 02/01/2008 23:20 <REP> WinRAR 23/11/2007 16:37 <REP> WordWeb 01/11/2006 00:16 <REP> xerox 05/11/2007 13:27 <REP> xp-AntiSpy 10/01/2008 13:20 <REP> Xvid 23/12/2006 22:58 <REP> Yahoo! 05/11/2007 09:48 <REP> Zone Labs 0 fichier(s) 0 octets 79 Rép(s) 23 467 352 064 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1490-B735 Répertoire de C:\Program Files\fichiers communs 10/01/2008 10:16 <REP> . 10/01/2008 10:16 <REP> .. 10/01/2008 10:16 <REP> Ahead 01/11/2006 00:34 <REP> DESIGNER 07/12/2006 22:23 <REP> InstallShield 31/12/2006 16:41 <REP> Java 14/09/2007 15:51 <REP> Microsoft Shared 01/11/2006 00:13 <REP> MSSoap 01/11/2006 00:59 <REP> ODBC 01/11/2006 00:13 <REP> Services 17/08/2007 21:17 <REP> Skype 01/11/2006 00:59 <REP> SpeechEngines 14/06/2007 13:15 <REP> System 0 fichier(s) 0 octets 13 Rép(s) 23 467 352 064 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1490-B735 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 01/11/2006 00:34 <REP> . 01/11/2006 00:34 <REP> .. 01/11/2006 00:34 <REP> 1033 01/11/2006 00:34 <REP> 1036 11/07/2003 10:15 1 292 872 MSONSEXT.DLL 15/07/2003 06:52 35 896 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 659 186 octets 4 Rép(s) 23 467 347 968 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 1490-B735 Répertoire de C:\Program Files\common files 25/12/2006 21:35 <REP> . 25/12/2006 21:35 <REP> .. 25/12/2006 21:35 <REP> PCCamera 23/12/2006 22:58 <REP> Scanner 0 fichier(s) 0 octets 4 Rép(s) 23 467 347 968 octets libres c:\Documents and Settings\user\.housecall6.6\getMac.exe c:\Documents and Settings\user\.housecall6.6\patch.exe c:\Documents and Settings\user\.housecall6.6\tsc.exe c:\Documents and Settings\user\Application Data\LimeWire\.NetworkShare\LimeWireWin4.16.2.exe c:\Documents and Settings\user\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\FileTrans.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\LogoTrans_1.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut1_10.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut10.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut11.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut12.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut13.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut2_1.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut3_1.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut4_1.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut5_1.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut6_1.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut7_1.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut8.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\NewShortcut9.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\TransIt.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{66EDF2E5-6C37-4939-A837-FBF2C52F91CD}\TranslationMirror.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{BBB1528C-2F8C-4526-9C8E-699F17AF21CA}\ARPPRODUCTICON.exe c:\Documents and Settings\user\Application Data\Microsoft\Installer\{EE8FE8AF-C57B-4AEB-AAFA-69261D3FCE22}\_E81581DF9C82_49F7_AD14_855DD9DC34DB.exe c:\Documents and Settings\user\Application Data\MSNInstaller\msnauins.exe c:\Documents and Settings\user\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\user\Bureau\DiagHelp\diff.exe c:\Documents and Settings\user\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\user\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\user\Bureau\DiagHelp\find2.exe c:\Documents and Settings\user\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\user\Bureau\DiagHelp\grep.exe c:\Documents and Settings\user\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\user\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\user\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\user\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\user\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\user\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\user\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\user\Bureau\DiagHelp\streams.exe c:\Documents and Settings\user\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\user\Bureau\DiagHelp\tar.exe c:\Documents and Settings\user\Incomplete\l3codecx(2).exe c:\Documents and Settings\user\Local Settings\Application Data\Ares\My Shared Folder\limewirewin.exe c:\Documents and Settings\user\Local Settings\Temp\BitTorrent-5.0.9.exe c:\Documents and Settings\user\Local Settings\Temp\RDtemp.exe c:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE51M7WDER\ATF-Cleaner[1].exe c:\Documents and Settings\user\Mes documents\EasyUpgrade.exe c:\Documents and Settings\user\Mes documents\Europe_Algerie.exe c:\Documents and Settings\user\Mes documents\l3codecx(2).exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\LAN\DSLTest.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\LAN\setup.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\LAN\StmClean.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\LAN\stmtrace.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\LAN\usbenum.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\WAN\DSLTest.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\WAN\setup.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\WAN\StmClean.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\WAN\stmtrace.exe c:\Documents and Settings\user\Mes documents\adsl esasy pilotes\ZXDSL 852V6.0\ZXDSL 852V6.0.0a_D14\WAN\usbenum.exe c:\Documents and Settings\user\Mes documents\Default album\utility\dap8.exe c:\Documents and Settings\user\Mes documents\Default album\utility\eMule0.47c-Installer.exe c:\Documents and Settings\user\Mes documents\Default album\utility\Install_MSN_Messenger.EXE c:\Documents and Settings\user\Mes documents\flash demo axil\FoxitReader.exe c:\Documents and Settings\user\Mes documents\flash demo axil\Upgrade32max.exe c:\Documents and Settings\user\Mes documents\flash demo axil\uptoolb34_39.exe c:\Documents and Settings\user\Mes documents\flash du ng4\CiBoxTools.exe c:\Documents and Settings\user\Mes documents\flash du ng4\CiBoxToolsv3.00.exe c:\Documents and Settings\user\Mes documents\flash du ng4\El_Macetero_v1[1].0.exe c:\Documents and Settings\user\Mes documents\flash du stream 1100\Kup230 Engineer Patched.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\BitTorrent-5.0.7.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\FoxitReader.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\l3codecx.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\quickzip.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\SkypeSetup.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\Speedram2_Setup.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\Upgrade32max.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\XviD-1.1.3-28062007.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\yinst_current.exe c:\Documents and Settings\user\Mes documents\logiciel telechargé(from interN)\ypsr_dat_06.09.22.16_setup_.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\a2FreeSetup.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\aresregular209_installer.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\Artweaver.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\ATF-Cleaner.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\attrib.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\avgas-setup-7.5.1.43-3339.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\camfrog.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\find.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\findstr.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\Firefox Setup 1.5.0.12.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\Globe7Setup_8.0.0.1.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\Google_Earth_BZXW.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\Install_Messenger.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\INSTALL_MSN_MESSENGER_NT.EXE c:\Documents and Settings\user\Mes documents\My Completed Downloads\LimeWireWin.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\MPSetup.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\oovoosetup.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\realalt151.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\regedit.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\Shareaza_2.3.1.0_Win32.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SkypeSetup.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\spybotsd15.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\vlc-0.8.6d-win32.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\xp-AntiSpy_setup-english.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\ypsr_dat_07.04.13.15_setup_.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\ypsr_dat_07.06.08.15_setup_.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\ypsr_prog_01.14.01_fr_setup_.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\zaSetup_fr.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\catchme.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\dummy.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\cliptext.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\download.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\dummy.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\ERUNT.EXE c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\FixPath.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\isadmin.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\LS.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\MD5File.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\Process.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\procs.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\psservice.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\RegDACL.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\regedit.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\RestartIt!.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\sc.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\SF.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\shutdown.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\swreg.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\swsc.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\unzip.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\WINMSG.EXE c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\zip.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\Replace\W2K.exe c:\Documents and Settings\user\Mes documents\My Completed Downloads\SDFix\SDFix\apps\Replace\XP.exe c:\Documents and Settings\user\Mes documents\My Skype Received Files\Angel.exe c:\Documents and Settings\user\Mes documents\My Skype Received Files\SkypeSetup.exe c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\user\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_USER-6C29F98C60.tar.gz a l'adresse http://upload.malekal.com

of course i can

salut gof stp excuse moi mais g un petit souci avec "go.cmd" qd je clique decu 2 fois y a un message d erreur qui me di "des fichiers sont manquants...vs n avez pas du decompresser la totalite de l archive..(chose que j ai faite) ... le programme ne peu continuer... excuse moi stp !!! et encore une fois merci !!!!

bonjour gof desole de te decevoir mais dans le repertoir sdfix il n y a que "catchme" ,"runthis" et enfin un raccourci sdfix fead me on line !!!

salut gof !! stp pourais tu m indiquer le chemin a suivre pour trouver le fichier "report.txt" j ai lancer le moteur de recherche windows mais il ne le trouve pas moi non plus dailleurs !! merci!!

bonjour gof merci pour tes conseils et toute mes excuses pour les erreurs que j ai faite je pensai bien faire en fesant des scan suplementaires!! je vien tout juste de quiter le mode sans exhec; en effet apres avoir lancer sdfix et taper sur la lettre "y" j ai patienter tt la matiné ,aparement aucun scan n a demarrer et rien ne c est produi comme pour la derniere fois!! je te pose les rapport hijack et avg!! et encore une fois merci!!! Logfile of HijackThis v1.99.1 Scan saved at 12:38:06, on 19/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\WordWeb\wweb32.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.359\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meteomedia.com/weather/agxx0006/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [speedOptimizer] C:\PROGRA~1\SPEEDO~1\SPO.EXE -s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Microsoft Security] mssecure.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: www.secuser.com O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DE1FDF38-FA70-4FA0-85C3-4C79A04FFB93}: NameServer = 208.67.222.222 193.55.10.102 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator\LogoMedia TranslateDotNet Server.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 14:49:37 17/01/2008 + Résultat de l'analyse: C:\Program Files\Yahoo!\YPSR\Quarantine\ppq254.tmp -> TrackingCookie.247realmedia : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq39.tmp -> TrackingCookie.247realmedia : Nettoyé. C:\Documents and Settings\user\Cookies\user@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1.tmp -> TrackingCookie.2o7 : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq12.tmp -> TrackingCookie.2o7 : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq13.tmp -> TrackingCookie.2o7 : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6F.tmp -> TrackingCookie.Adrevolver : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq70.tmp -> TrackingCookie.Adtech : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8.tmp -> TrackingCookie.Adtech : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq10.tmp -> TrackingCookie.Advertising : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9.tmp -> TrackingCookie.Advertising : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15.tmp -> TrackingCookie.Adviva : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3A.tmp -> TrackingCookie.Adviva : Nettoyé. C:\Documents and Settings\user\Cookies\user@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq16.tmp -> TrackingCookie.Atdmt : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC.tmp -> TrackingCookie.Atdmt : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq20.tmp -> TrackingCookie.Bluestreak : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD.tmp -> TrackingCookie.Bluestreak : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3B.tmp -> TrackingCookie.Burstnet : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq11.tmp -> TrackingCookie.Casalemedia : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1F.tmp -> TrackingCookie.Casalemedia : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2C.tmp -> TrackingCookie.Clickbank : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq22.tmp -> TrackingCookie.Comclick : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2D.tmp -> TrackingCookie.Comclick : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4E.tmp -> TrackingCookie.Dealtime : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq29.tmp -> TrackingCookie.Doubleclick : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE.tmp -> TrackingCookie.Doubleclick : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4D.tmp -> TrackingCookie.Falkag : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2F.tmp -> TrackingCookie.Fastclick : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7.tmp -> TrackingCookie.Fastclick : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3D.tmp -> TrackingCookie.Fortunecity : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq66.tmp -> TrackingCookie.Gemius : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq78.tmp -> TrackingCookie.Gemius : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3E.tmp -> TrackingCookie.Goclick : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq30.tmp -> TrackingCookie.Hitbox : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq31.tmp -> TrackingCookie.Hitbox : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3F.tmp -> TrackingCookie.Hitbox : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6.tmp -> TrackingCookie.Hitbox : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq80.tmp -> TrackingCookie.Hitbox : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq17.tmp -> TrackingCookie.Mediaplex : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq32.tmp -> TrackingCookie.Pointroll : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB.tmp -> TrackingCookie.Pointroll : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq18.tmp -> TrackingCookie.Questionmarket : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7E.tmp -> TrackingCookie.Questionmarket : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq40.tmp -> TrackingCookie.Realmedia : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq49.tmp -> TrackingCookie.Realmedia : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq41.tmp -> TrackingCookie.Revenue : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq69.tmp -> TrackingCookie.Revsci : Nettoyé. C:\Documents and Settings\user\Cookies\user@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\user\Cookies\user@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq36.tmp -> TrackingCookie.Serving-sys : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5.tmp -> TrackingCookie.Serving-sys : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA.tmp -> TrackingCookie.Serving-sys : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF.tmp -> TrackingCookie.Serving-sys : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq19.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1A.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1B.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq23.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq24.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq26.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2A.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2B.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2E.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq33.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq43.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq44.tmp -> TrackingCookie.Sextracker : Nettoyé. C:\Documents and Settings\user\Cookies\user@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq42.tmp -> TrackingCookie.Smartadserver : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4C.tmp -> TrackingCookie.Smartadserver : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq75.tmp -> TrackingCookie.Spylog : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1C.tmp -> TrackingCookie.Statcounter : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq38.tmp -> TrackingCookie.Statcounter : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq28.tmp -> TrackingCookie.Tacoda : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1E.tmp -> TrackingCookie.Tradedoubler : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4.tmp -> TrackingCookie.Tradedoubler : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq45.tmp -> TrackingCookie.Trafficmp : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4A.tmp -> TrackingCookie.Trafficmp : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq46.tmp -> TrackingCookie.Tribalfusion : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4B.tmp -> TrackingCookie.Tribalfusion : Nettoyé. C:\Documents and Settings\user\Cookies\user@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3.tmp -> TrackingCookie.Weborama : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq34.tmp -> TrackingCookie.Weborama : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq255.tmp -> TrackingCookie.Webtrendslive : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq27.tmp -> TrackingCookie.Webtrendslive : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14.tmp -> TrackingCookie.Yieldmanager : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1D.tmp -> TrackingCookie.Yieldmanager : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2.tmp -> TrackingCookie.Zedo : Nettoyé. C:\Program Files\Yahoo!\YPSR\Quarantine\ppq47.tmp -> TrackingCookie.Zedo : Nettoyé. C:\Documents and Settings\user\Local Settings\Temp\fotoparamyspace.com.zip/image_0014.jpeg-www.myspace.com -> Trojan.Delf.akj : Nettoyé et sauvegardé (mise en quarantaine). Fin du rapport thank you

tres cher gof!! tout mes remerciement pour l attention que vous avez aporté a mon problem!! c est tres gentil a vous!!! alors voila avant de suivre vos instructions g procerdé a l analyse de mon disque dure par:a squared free,spy bot, trend micro on line ,je n ai rien trouver de bien grave!!mais ce qui ma surpris et que je n ai rien trouver lorsque j ai lancer un scan avast puis qd je suis entré ds la zone de quarantaine et que j ai lancer le scan sur le fichier infecté par win 32 adware on ma di que le virus a ete detruit!! celan ne ma pas empecher de suivre votre tuto et de lancer en mode sans exhec avg et atf (avg a trouver un cheval de troi dont je croyait m etre debarassé il y a un bon moment)mon seul souci a ete avec sdfix,apres instalation et ouverture de l archive et double clik sur "run this bat" y a un ecran bleu et puis y a ecri que je doit taper "y" chose que j ai faite a plusieurs reprises, mais rien ne se passe a la suite!! pas de scan je comprend pas!! ce qui cloche??voila!!! encore une merci pour ton aide!!!

salut a tous , c est ma premiere inscription a un forum et donc la premiere fois que je poste un sujet,excusez donc mon ignorance mon pblem est que cet apremidi g telecharger ds un p2p un logiciel qui c averé etre un virus " Win32:Adware-gen" (nommé par avast )ds les forum que g brievement parcouru, il est conseillé de telecharger "HijackThis "chose que g faite,je vous poste donc le resultat du raport en esperant trouver chez vous l interpreation adequate ansi que la marche a suivre pour eliminer cet adware!!! merci infiniment!!! ( mes connaissance en informatique sont rudimentaire ) Logfile of HijackThis v1.99.1 Scan saved at 21:43:21, on 13/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\DAP\DAP.EXE C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Ahead\nero\nero.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.360\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meteomedia.com/weather/agxx0006/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [speedOptimizer] C:\PROGRA~1\SPEEDO~1\SPO.EXE -s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Microsoft Security] mssecure.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: www.secuser.com O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DE1FDF38-FA70-4FA0-85C3-4C79A04FFB93}: NameServer = 208.67.222.222 193.55.10.102 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator\LogoMedia TranslateDotNet Server.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe