claravik

BONJOUR Visiblement, mes ennuis ont cessé par miracle, puisque nous sommes lundi. 2 alternatives se posent : soit il y a un Prof.[]Mamadou caché sur le Zeb', dans ce cas j'ai un autre truc à lui demander Soit ce sont deux semaines de communications avec mon fournisseur de moins en moins aimables qui ont porté leurs fruits bref j'hésite à mettre en haut du titre de mon post ( RESOLU PAR MIRACLE ) Bien à tous

Bonsoir Bogues007 Merci de conforter ma parano Y a t'il un moyen de vérifier s'il y a un piratage de la ligne? @+++

helas C'est fais et toujours pareil

Bonjour à tous En effet, le problème est plutot étrange, et mon fournisseur (Orange) ne peut l'expliquer. Si vous avez une idée... un début de piste... Le problème perdure depuis 2 semaines et je suis en connection wifi integrée la liveboxe est reconnue par mon PC portable et le signal est fort merci

Bon du coup en farfouillant, j'ai vu dans l'application data un dossier norton symantec je lai donc supprimé manuellement . Pour ce qui concerne le mode sans échec, je suis passée par MSconfig+Boot INI+SAFE BOOT OK , le Pc redémarre il y une correction syst volume puis F8 et voilas en mode sans échec et maintenant je le fais scan par MBAm ( je précise que je t'écris sur mon autre ordiPAKADO) J'espère pour moi que je n'ai pas fais trop de betises

RE; J'ai de nouveau désinstallé Norton, G vérifié sur Ccleaner il n'y est plus depuis la première procédure, d'ailleur n'était il pas plus simple de désinstaller Symantec par ce dernier? En ce qui concerne le mode sans échec c'est touyours inaccessible!!!!!! C'est un virus qui le malmène? @++

Bonjour Apollo Je suis encore au taf' Pour ce qui est de Norton j'ai appliqué la procédure à deux reprises visiblement sans résultats Pour le démarrage en mode sans échec hélas l'échec Par contre je n'ai plus de messages intempestifs au démarrage en mode normal En rentrant chez moi (1h), je recommencerai la désinstallation de norton A plus tard

Bonsoir, voici le rapport:Si tu as encore un peu d'énergie pour regarder ceci Sophos Anti-Virus Version 4.38.0 [Win32/Intel] Virus data version 4.38E, February 2009 Includes detection for 614120 viruses, trojans and worms Copyright © 1989-2009 Sophos Plc, www.sophos.com System time 00:15:37, System date 02 February 2009 Command line qualifiers are: -f -remove -nc -nb -dn --stop-scan -idedir=C:\SDFix\IDE -p=C:\SDFix\SophosReport.txt IDE directory is: C:\SDFix\IDE File swizz-og.ide is older than 90 days File agen-hrd.ide is older than 90 days File agen-htk.ide is older than 90 days File agen-hto.ide is older than 90 days File agen-hry.ide is older than 90 days File agen-hsk.ide is older than 90 days File agen-hrx.ide is older than 90 days File agen-hrp.ide is older than 90 days File agen-hrh.ide is older than 90 days File agen-htv.ide is older than 90 days File agen-hqg.ide is older than 90 days File agen-hqm.ide is older than 90 days File agen-hqq.ide is older than 90 days File agen-hqs.ide is older than 90 days File agen-hqw.ide is older than 90 days File agen-htc.ide is older than 90 days File agen-hrf.ide is older than 90 days File agen-hsm.ide is older than 90 days File agen-hri.ide is older than 90 days File agen-hrl.ide is older than 90 days File agen-hrm.ide is older than 90 days File agen-hro.ide is older than 90 days File agen-hrs.ide is older than 90 days File agen-hrw.ide is older than 90 days File agen-hst.ide is older than 90 days File agen-hud.ide is older than 90 days File agen-hub.ide is older than 90 days File agen-hty.ide is older than 90 days File autoit-t.ide is older than 90 days File autoit-v.ide is older than 90 days File autor-jd.ide is older than 90 days File autor-kl.ide is older than 90 days File autor-jw.ide is older than 90 days File autor-jv.ide is older than 90 days File autor-jy.ide is older than 90 days File autor-ju.ide is older than 90 days File autor-ke.ide is older than 90 days File autor-je.ide is older than 90 days File autor-jp.ide is older than 90 days File autor-jo.ide is older than 90 days File autor-jm.ide is older than 90 days File autor-jl.ide is older than 90 days File autor-jk.ide is older than 90 days File autor-ji.ide is older than 90 days File autor-jf.ide is older than 90 days File autor-kf.ide is older than 90 days File backd-ab.ide is older than 90 days File backsp-a.ide is older than 90 days File backd-ac.ide is older than 90 days File banhos-y.ide is older than 90 days File bank-enm.ide is older than 90 days File banhos-z.ide is older than 90 days File bank-end.ide is older than 90 days File bank-ene.ide is older than 90 days File bank-eni.ide is older than 90 days File bankd-dj.ide is older than 90 days File bho-hc.ide is older than 90 days File bront-dw.ide is older than 90 days File buzus-o.ide is older than 90 days File buzus-p.ide is older than 90 days File click-ez.ide is older than 90 days File delban-a.ide is older than 90 days File delf-fbc.ide is older than 90 days File dloa-bss.ide is older than 90 days File dloa-btl.ide is older than 90 days File dloa-btz.ide is older than 90 days File dloa-bsq.ide is older than 90 days File dload-di.ide is older than 90 days File dload-dk.ide is older than 90 days File dorf-bu.ide is older than 90 days File dropr-ac.ide is older than 90 days File dwnl-hie.ide is older than 90 days File dwnl-hih.ide is older than 90 days File dwnl-hht.ide is older than 90 days File fakea-dh.ide is older than 90 days File fakea-hq.ide is older than 90 days File fakea-ed.ide is older than 90 days File fakea-ho.ide is older than 90 days File fakea-eb.ide is older than 90 days File fakea-dm.ide is older than 90 days File fakea-hd.ide is older than 90 days File fakea-ht.ide is older than 90 days File fakea-hu.ide is older than 90 days File fakev-fy.ide is older than 90 days File gaman-ch.ide is older than 90 days File geezo-e.ide is older than 90 days File gaman-ci.ide is older than 90 days File he4hoo-g.ide is older than 90 days File hostin-a.ide is older than 90 days File injec-cx.ide is older than 90 days File ircb-acn.ide is older than 90 days File ircb-acr.ide is older than 90 days File killa-ey.ide is older than 90 days File linea-gc.ide is older than 90 days File linea-fl.ide is older than 90 days File linea-fs.ide is older than 90 days File linea-fy.ide is older than 90 days File linea-gk.ide is older than 90 days File meredr-a.ide is older than 90 days File ntroo-ea.ide is older than 90 days File ntroo-dy.ide is older than 90 days File ntroo-dz.ide is older than 90 days File obfus-b.ide is older than 90 days File offmsg-a.ide is older than 90 days File poiso-ad.ide is older than 90 days File pswd-gen.ide is older than 90 days File psyme-kd.ide is older than 90 days File psyme-jy.ide is older than 90 days File psyme-jx.ide is older than 90 days File psyme-jw.ide is older than 90 days File pws-atu.ide is older than 90 days File pws-aty.ide is older than 90 days File pws-att.ide is older than 90 days File pws-atr.ide is older than 90 days File pws-atp.ide is older than 90 days File pws-aua.ide is older than 90 days File rexplo-d.ide is older than 90 days File rootk-dr.ide is older than 90 days File rootk-ds.ide is older than 90 days File swfdlr-b.ide is older than 90 days File tibs-uw.ide is older than 90 days File usract-a.ide is older than 90 days File vb-ebe.ide is older than 90 days File wlhack-g.ide is older than 90 days File ytkit-a.ide is older than 90 days File zlob-aop.ide is older than 90 days File zlob-aol.ide is older than 90 days Using IDE file maldoc-f.ide Using IDE file autor-om.ide Using IDE file agen-hzb.ide Using IDE file agen-iao.ide Using IDE file pdfex-ac.ide Using IDE file agen-hwu.ide Using IDE file autor-nu.ide Using IDE file agen-huq.ide Using IDE file pushdo-x.ide Using IDE file bank-eoe.ide Using IDE file mdro-bwl.ide Using IDE file bancb-qz.ide Using IDE file votera-b.ide Using IDE file swizz-oj.ide Using IDE file poiso-ag.ide Using IDE file pws-auf.ide Using IDE file gimmiv-a.ide Using IDE file sdbo-dla.ide Using IDE file buzus-r.ide Using IDE file start-bo.ide Using IDE file fakea-fs.ide Using IDE file agen-iex.ide Using IDE file fakev-hh.ide Using IDE file bho-hj.ide Using IDE file dorf-bv.ide Using IDE file zlob-aqz.ide Using IDE file acespa-a.ide Using IDE file agen-iec.ide Using IDE file agen-iea.ide Using IDE file zlob-aqu.ide Using IDE file drop-bb.ide Using IDE file drop-bg.ide Using IDE file dwnl-his.ide Using IDE file tiotua-w.ide Using IDE file zlob-aqq.ide Using IDE file zlob-aqj.ide Using IDE file bho-hp.ide Using IDE file zlob-apn.ide Using IDE file agen-hny.ide Using IDE file bank-ent.ide Using IDE file agen-huf.ide Using IDE file agen-iaz.ide Using IDE file autor-nc.ide Using IDE file zlob-aox.ide Using IDE file emold-a.ide Using IDE file agen-iam.ide Using IDE file agen-hyv.ide Using IDE file agen-hxb.ide Using IDE file fakea-ei.ide Using IDE file autor-ku.ide Using IDE file bckd-qpt.ide Using IDE file autor-ol.ide Using IDE file autor-ld.ide Using IDE file autor-ob.ide Using IDE file cmjsp-am.ide Using IDE file fakea-fx.ide Using IDE file dloa-bxx.ide Using IDE file autor-lq.ide Using IDE file autor-lr.ide Using IDE file autor-lt.ide Using IDE file fakea-ev.ide Using IDE file fakea-et.ide Using IDE file bho-hh.ide Using IDE file agen-hxq.ide Using IDE file autor-nk.ide Using IDE file autor-oa.ide Using IDE file agen-hvm.ide Using IDE file looke-ej.ide Using IDE file autor-li.ide Using IDE file banc-bep.ide Using IDE file agen-iab.ide Using IDE file smal-emq.ide Using IDE file keyge-cr.ide Using IDE file wimad-k.ide Using IDE file autor-nr.ide Using IDE file autor-lb.ide Using IDE file autor-mc.ide Using IDE file autor-ny.ide Using IDE file autor-lf.ide Using IDE file geezo-f.ide Using IDE file agen-icz.ide Using IDE file agen-ida.ide Using IDE file agen-iaj.ide Using IDE file maldoc-o.ide Using IDE file autor-oo.ide Using IDE file autor-os.ide Using IDE file fakev-gl.ide Using IDE file autor-ox.ide Using IDE file ircb-acv.ide Using IDE file autor-mo.ide Using IDE file agen-hyo.ide Using IDE file autor-nj.ide Using IDE file dwnl-hkf.ide Using IDE file dwnl-hkb.ide Using IDE file dwnl-hjq.ide Using IDE file dwnl-hjp.ide Using IDE file dwnl-hjg.ide Using IDE file agen-ign.ide Using IDE file zbot-ar.ide Using IDE file agen-hyc.ide Using IDE file zlob-arf.ide Using IDE file fakev-gf.ide Using IDE file zlob-anz.ide Using IDE file agen-iej.ide Using IDE file autor-me.ide Using IDE file mdro-bwn.ide Using IDE file pws-auy.ide Using IDE file onlin-bh.ide Using IDE file boaxxe-g.ide Using IDE file dloa-byo.ide Using IDE file dloa-byd.ide Using IDE file pws-aut.ide Using IDE file dloa-bxj.ide Using IDE file dloa-bwz.ide Using IDE file dloa-bwr.ide Using IDE file banlo-fz.ide Using IDE file pdfex-w.ide Using IDE file silly-cr.ide Using IDE file zlob-apd.ide Using IDE file dloa-bsb.ide Using IDE file agen-hwd.ide Using IDE file agen-hul.ide Using IDE file banspy-k.ide Using IDE file banho-ab.ide Using IDE file agen-hur.ide Using IDE file snpves-c.ide Using IDE file agen-hwy.ide Using IDE file agen-hwr.ide Using IDE file agen-hwt.ide Using IDE file agen-hxy.ide Using IDE file autor-nz.ide Using IDE file autor-mb.ide Using IDE file autor-nt.ide Using IDE file autor-kx.ide Using IDE file autor-no.ide Using IDE file autor-nn.ide Using IDE file agen-ibh.ide Using IDE file autor-ml.ide Using IDE file agen-ibm.ide Using IDE file agen-hyy.ide Using IDE file asp-d.ide Using IDE file auexje-a.ide Using IDE file agen-ich.ide Using IDE file agen-icv.ide Using IDE file advhac-a.ide Using IDE file autor-mf.ide Using IDE file agen-idp.ide Using IDE file agen-ifz.ide Using IDE file autor-md.ide Using IDE file arinj-a.ide Using IDE file banc-bev.ide Using IDE file dropr-ak.ide Using IDE file fakev-gw.ide Using IDE file fakea-en.ide Using IDE file poiso-af.ide Using IDE file imaut-d.ide Using IDE file ifram-bh.ide Using IDE file ifgif-a.ide Using IDE file fakea-eh.ide Using IDE file swizz-oy.ide Using IDE file fanbot-m.ide Using IDE file keylo-ku.ide Using IDE file renos-be.ide Using IDE file keylo-kw.ide Using IDE file stayt-a.ide Using IDE file skintr-d.ide Using IDE file killa-fb.ide Using IDE file dloa-bwo.ide Using IDE file dloa-bxb.ide Using IDE file fakev-gt.ide Using IDE file kolabc-d.ide Using IDE file fakev-gh.ide Using IDE file wow-kd.ide Using IDE file zlob-api.ide Using IDE file zlob-apg.ide Using IDE file drop-az.ide Using IDE file malas-h.ide Using IDE file pdfex-aa.ide Using IDE file fakea-gi.ide Using IDE file fakea-ft.ide Using IDE file sdbo-dnj.ide Using IDE file salit-an.ide Using IDE file psw-fw.ide Using IDE file dloa-bxp.ide Using IDE file yahlov-a.ide Using IDE file dwnld-e.ide Using IDE file mourn-a.ide Using IDE file delf-fbf.ide Using IDE file pws-auq.ide Using IDE file dwnl-hkh.ide Using IDE file merein-a.ide Using IDE file onlin-bf.ide Using IDE file dload-ed.ide Using IDE file bho-hw.ide Using IDE file pws-avz.ide Using IDE file agen-iaw.ide Using IDE file zlob-ape.ide Using IDE file agen-hxw.ide Using IDE file agen-hxo.ide Using IDE file bank-eoj.ide Using IDE file zimeno-c.ide Using IDE file pws-aup.ide Using IDE file bank-e.ide Using IDE file rootk-eb.ide Using IDE file zipcar-b.ide Using IDE file bank-ens.ide Using IDE file agen-hnf.ide Using IDE file agen-hvv.ide Using IDE file agen-hvk.ide Using IDE file pushdo-w.ide Using IDE file bckd-qpz.ide Using IDE file injec-db.ide Using IDE file dloa-bxh.ide Using IDE file asp-c.ide Using IDE file agen-hzu.ide Using IDE file agen-icw.ide Using IDE file agen-idg.ide Using IDE file agen-ice.ide Using IDE file freezo-d.ide Using IDE file freevi-a.ide Using IDE file formad-a.ide Using IDE file dwnl-hin.ide Using IDE file mdro-bwv.ide Using IDE file dwnl-hjh.ide Using IDE file dwnl-hkc.ide Using IDE file dwnl-hiw.ide Using IDE file agen-ibz.ide Using IDE file delf-fbl.ide Using IDE file zapch-eh.ide Using IDE file agen-iew.ide Using IDE file agen-ifh.ide Using IDE file fakea-iy.ide Using IDE file dwnl-hkk.ide Using IDE file dloa-bzl.ide Using IDE file fakev-hi.ide Using IDE file bancb-rb.ide Using IDE file fakev-go.ide Using IDE file dloa-bun.ide Using IDE file dloa-bus.ide Using IDE file wowpw-bf.ide Using IDE file vb-ebj.ide Using IDE file ambler-g.ide Using IDE file agen-ibw.ide Using IDE file fakeav-l.ide Using IDE file mdro-bwg.ide Using IDE file mdro-bwh.ide Using IDE file dloa-bxm.ide Using IDE file onlin-be.ide Using IDE file autor-of.ide Using IDE file start-bn.ide Using IDE file autor-ow.ide Using IDE file agen-hym.ide Using IDE file dloa-byq.ide Using IDE file fakea-fp.ide Using IDE file dload-ef.ide Using IDE file agen-ias.ide Using IDE file autor-pb.ide Using IDE file autor-lz.ide Using IDE file ms0806-a.ide Using IDE file autor-ly.ide Using IDE file obfjs-bd.ide Using IDE file obfjs-bf.ide Using IDE file delpdl-c.ide Using IDE file dloa-bwh.ide Using IDE file zlob-aqd.ide Using IDE file swfdlr-c.ide Using IDE file meredr-b.ide Using IDE file jolly-a.ide Using IDE file autor-lj.ide Using IDE file autor-ln.ide Using IDE file fanbot-l.ide Using IDE file autor-oz.ide Using IDE file legm-arx.ide Using IDE file zlob-apa.ide Using IDE file smal-emr.ide Using IDE file tileb-kz.ide Using IDE file fakeal-a.ide Using IDE file linea-go.ide Using IDE file bdoo-apw.ide Using IDE file bho-ig.ide Using IDE file zbot-ax.ide Using IDE file vb-ebr.ide Using IDE file agen-igy.ide Using IDE file agen-ihp.ide Using IDE file autor-pg.ide Using IDE file vapsu-ad.ide Using IDE file sasan-k.ide Using IDE file zlob-arg.ide Using IDE file zbot-ay.ide Using IDE file autor-pf.ide Using IDE file rbot-gxf.ide Using IDE file autor-pe.ide Using IDE file banlo-ga.ide Using IDE file autor-pm.ide Using IDE file autor-pl.ide Using IDE file autor-pi.ide Using IDE file r0x4h-a.ide Using IDE file fakea-gs.ide Using IDE file rootk-ef.ide Using IDE file dloa-caj.ide Using IDE file cryptb-a.ide Using IDE file click-fd.ide Using IDE file pushd-aa.ide Using IDE file qhosts-c.ide Using IDE file tibs-uy.ide Using IDE file ircb-adb.ide Using IDE file yahlov-c.ide Using IDE file corefl-f.ide Using IDE file bckd-qqr.ide Using IDE file autoi-ai.ide Using IDE file bank-eot.ide Using IDE file dloa-cbf.ide Using IDE file jeff-a.ide Using IDE file bravo-j.ide Using IDE file bank-eor.ide Using IDE file sdbo-dnp.ide Using IDE file sohan-bp.ide Using IDE file impair-a.ide Using IDE file kukoo-d.ide Using IDE file autor-rd.ide Using IDE file fakev-hv.ide Using IDE file agen-ikf.ide Using IDE file autor-qz.ide Using IDE file bho-ir.ide Using IDE file agen-ihx.ide Using IDE file autor-qx.ide Using IDE file autor-qs.ide Using IDE file autor-rb.ide Using IDE file autor-qp.ide Using IDE file tiotu-ab.ide Using IDE file fakea-gz.ide Using IDE file mdro-bpm.ide Using IDE file autor-qd.ide Using IDE file autor-qc.ide Using IDE file rbot-gxg.ide Using IDE file autor-ry.ide Using IDE file malas-i.ide Using IDE file autor-rx.ide Using IDE file hakflo-a.ide Using IDE file psw-fz.ide Using IDE file ircb-ade.ide Using IDE file bank-eos.ide Using IDE file autor-rf.ide Using IDE file agen-ilm.ide Using IDE file pdfjs-h.ide Using IDE file agen-ikx.ide Using IDE file tileb-la.ide Using IDE file diale-fv.ide Using IDE file agen-ijo.ide Using IDE file rootk-eh.ide Using IDE file agen-ikt.ide Using IDE file pdfex-ag.ide Using IDE file vundro-e.ide Using IDE file agen-iku.ide Using IDE file htaccf-a.ide Using IDE file autor-rs.ide Using IDE file autor-rv.ide Using IDE file bckd-qqo.ide Using IDE file fakeav-q.ide Using IDE file netsk-bt.ide Using IDE file autor-rj.ide Using IDE file autor-rl.ide Using IDE file dloa-cct.ide Using IDE file dloa-ccc.ide Using IDE file bank-eoq.ide Using IDE file autor-re.ide Using IDE file autor-rw.ide Using IDE file agen-iks.ide Using IDE file looke-ek.ide Using IDE file autor-ri.ide Using IDE file fakea-kf.ide Using IDE file smal-ems.ide Using IDE file fakea-he.ide Using IDE file solow-j.ide Using IDE file keylo-kz.ide Using IDE file dloa-cbm.ide Using IDE file autor-rg.ide Using IDE file pdfex-ah.ide Using IDE file agen-iii.ide Using IDE file sohan-bm.ide Using IDE file agen-ilh.ide Using IDE file nebule-s.ide Using IDE file atrn-jd.ide Using IDE file dloa-cbl.ide Using IDE file agen-ijn.ide Using IDE file agen-iij.ide Using IDE file ezio-h.ide Using IDE file proxy-iu.ide Using IDE file bckd-qqq.ide Using IDE file fujac-ao.ide Using IDE file downld-l.ide Using IDE file tometa-k.ide Using IDE file tiotua-y.ide Using IDE file agen-iio.ide Using IDE file bdoo-ara.ide Using IDE file mario-e.ide Using IDE file autor-qy.ide Using IDE file mdro-bxk.ide Using IDE file fakev-hr.ide Using IDE file fakev-ic.ide Using IDE file autor-qf.ide Using IDE file autor-qk.ide Using IDE file psw-gc.ide Using IDE file psw-gd.ide Using IDE file rbot-gxj.ide Using IDE file autor-pv.ide Using IDE file zlob-ari.ide Using IDE file banho-ad.ide Using IDE file fakea-kg.ide Using IDE file drop-bn.ide Using IDE file injec-dl.ide Using IDE file injec-df.ide Using IDE file injec-dg.ide Using IDE file insom-a.ide Using IDE file injec-dk.ide Using IDE file fakea-jx.ide Using IDE file autoi-at.ide Using IDE file pws-auh.ide Using IDE file silly-cv.ide Using IDE file redlof-c.ide Using IDE file bho-iv.ide Using IDE file autoru-u.ide Using IDE file dwnld-l.ide Using IDE file dloa-bzi.ide Using IDE file click-fe.ide Using IDE file crack-q.ide Using IDE file sdbo-dkh.ide Using IDE file pws-awv.ide Using IDE file dload-es.ide Using IDE file fakea-ij.ide Using IDE file autor-tb.ide Using IDE file dloa-ccj.ide Using IDE file waled-f.ide Using IDE file bckd-qlk.ide Using IDE file autoi-aq.ide Using IDE file autoi-ap.ide Using IDE file fakev-iu.ide Using IDE file ircbo-zd.ide Using IDE file renos-bw.ide Using IDE file fakev-ik.ide Using IDE file autoi-an.ide Using IDE file fakev-ig.ide Using IDE file fakev-ie.ide Using IDE file fakev-je.ide Using IDE file fakev-jc.ide Using IDE file zapch-ei.ide Using IDE file startp-p.ide Using IDE file kripti-a.ide Using IDE file agen-ing.ide Using IDE file decdec-c.ide Using IDE file linea-am.ide Using IDE file linea-an.ide Using IDE file dwnl-hfs.ide Using IDE file bckd-qoz.ide Using IDE file waled-d.ide Using IDE file sohan-br.ide Using IDE file bho-iz.ide Using IDE file bank-emn.ide Using IDE file poison-m.ide Using IDE file autor-sq.ide Using IDE file pcbk-fam.ide Using IDE file wowp-gen.ide Using IDE file agen-ijx.ide Using IDE file autor-ck.ide Using IDE file dloa-bsd.ide Using IDE file zlob-alw.ide Using IDE file pws-awx.ide Using IDE file pws-aww.ide Using IDE file expjs-c.ide Using IDE file mdro-btj.ide Using IDE file mdro-buy.ide Using IDE file agen-imr.ide Using IDE file dwnld-b.ide Using IDE file renos-ca.ide Using IDE file agen-ilv.ide Using IDE file dloa-cdo.ide Using IDE file dwnl-hmp.ide Using IDE file pdfjs-o.ide Using IDE file agen-iot.ide Using IDE file tiotu-ac.ide Using IDE file agen-iou.ide Using IDE file dwnl-hmr.ide Using IDE file dwnl-hme.ide Using IDE file autor-cs.ide Using IDE file dloa-cen.ide Using IDE file agen-ipa.ide Using IDE file dloa-cea.ide Using IDE file wowpws-b.ide Using IDE file rootk-el.ide Using IDE file killa-fc.ide Using IDE file fakev-ih.ide Using IDE file waled-h.ide Using IDE file votera-c.ide Using IDE file injec-dq.ide Using IDE file agen-iof.ide Using IDE file agen-ioe.ide Using IDE file fakev-im.ide Using IDE file vb-dyb.ide Using IDE file votera-d.ide Using IDE file fakea-kt.ide Using IDE file dloa-bya.ide Using IDE file agen-int.ide Using IDE file autoi-au.ide Using IDE file autor-sd.ide Using IDE file dloa-bob.ide Using IDE file banc-bfa.ide Using IDE file wimad-l.ide Using IDE file waled-g.ide Using IDE file perlif-a.ide Using IDE file fakev-id.ide Using IDE file silly-h.ide Using IDE file downln-a.ide Using IDE file daolno-a.ide Using IDE file agen-imv.ide Using IDE file dablin-a.ide Using IDE file autoi-al.ide Using IDE file dloa-cem.ide Using IDE file haxdor-b.ide Using IDE file zbot-bl.ide Using IDE file hiloti-a.ide Using IDE file autor-su.ide Using IDE file clickr-h.ide Using IDE file psw-ge.ide Using IDE file psw-gg.ide Using IDE file agen-ioa.ide Using IDE file psyme-ix.ide Using IDE file agen-imk.ide Using IDE file agen-imf.ide Using IDE file adcli-ev.ide Using IDE file agen-gtc.ide Using IDE file zbot-bu.ide Using IDE file refpro-c.ide Using IDE file autor-sv.ide Using IDE file autor-sw.ide Using IDE file agen-hii.ide Using IDE file agen-ils.ide Using IDE file rootk-ek.ide Using IDE file agen-hte.ide Using IDE file rbot-gsm.ide Using IDE file autor-tk.ide Using IDE file zbot-bp.ide Using IDE file bho-jc.ide Using IDE file adcl-gen.ide Using IDE file bckd-qqs.ide Using IDE file renos-cc.ide Using IDE file rbot-gsa.ide Using IDE file pws-axe.ide Using IDE file fretho-a.ide Using IDE file ntroo-eh.ide Using IDE file agen-ioy.ide Using IDE file agen-ioq.ide Using IDE file bho-ix.ide Using IDE file dloa-ccz.ide Using IDE file agen-imc.ide Using IDE file pwss-gen.ide Using IDE file mariof-h.ide Using IDE file autor-ta.ide Using IDE file fakea-km.ide Using IDE file autor-tc.ide Using IDE file rbot-gsk.ide Using IDE file agen-ink.ide Using IDE file pushd-ab.ide Using IDE file autor-sl.ide Using IDE file injec-di.ide Using IDE file confic-c.ide Using IDE file agen-imb.ide Using IDE file ircbo-wd.ide Using IDE file ezio-i.ide Using IDE file mdro-bxs.ide Using IDE file mariof-j.ide Using IDE file ircb-adj.ide Using IDE file ambler-h.ide Using IDE file renos-cb.ide Using IDE file pws-axb.ide Using IDE file renos-ce.ide Using IDE file pws-axk.ide Using IDE file waled-a.ide Using IDE file bank-ekt.ide Using IDE file injec-dn.ide Using IDE file ircb-aay.ide Using IDE file zbot-bm.ide Using IDE file zbot-bo.ide Using IDE file sohan-aw.ide Using IDE file autor-tu.ide Using IDE file waled-k.ide Using IDE file actxhc-a.ide Using IDE file agen-ipe.ide Using IDE file dwnl-hnd.ide Using IDE file swfdld-k.ide Using IDE file autoi-av.ide Using IDE file fakea-im.ide Using IDE file zlob-ark.ide Using IDE file jsredi-h.ide Using IDE file autor-uj.ide Using IDE file autor-ua.ide Using IDE file agen-ipv.ide Using IDE file autor-uk.ide Using IDE file rootk-em.ide Using IDE file delf-ezg.ide Using IDE file qhost-ae.ide Using IDE file autor-un.ide Using IDE file vapsu-af.ide Using IDE file kolabc-f.ide Using IDE file injec-ds.ide Using IDE file dwnl-hng.ide Using IDE file silban-f.ide Using IDE file phishk-a.ide Using IDE file poiso-ak.ide Using IDE file agen-iqm.ide Using IDE file gaferm-a.ide Using IDE file refpro-d.ide Using IDE file bckd-qrf.ide Using IDE file agen-iqq.ide Using IDE file poiso-al.ide Using IDE file sdbo-dnu.ide Using IDE file fakev-jo.ide Using IDE file killa-es.ide Using IDE file mdro-byc.ide Using IDE file bbdos-b.ide Using IDE file confic-f.ide Using IDE file autor-us.ide Using IDE file fakeer-a.ide Using IDE file rootk-eo.ide Using IDE file fakea-iq.ide Using IDE file agen-ira.ide Using IDE file sdbo-dnv.ide Using IDE file agen-irc.ide Using IDE file fakea-le.ide Using IDE file dwnl-hmw.ide Using IDE file phpshe-b.ide Using IDE file agen-irf.ide Using IDE file autor-uz.ide Using IDE file ircb-adk.ide Using IDE file dwnl-hnk.ide Using IDE file bckd-qri.ide Using IDE file autor-vf.ide Using IDE file autor-uh.ide Using IDE file fujac-av.ide Using IDE file autor-vj.ide Using IDE file spy-bo.ide Using IDE file injec-du.ide Using IDE file fakea-jc.ide Using IDE file bank-epb.ide Using IDE file mbroot-c.ide Using IDE file autor-vn.ide Using IDE file fakev-jr.ide Using IDE file autoi-ba.ide Using IDE file injec-dv.ide Using IDE file autor-vp.ide Using IDE file rbot-gvn.ide Using IDE file agen-isa.ide Using IDE file sillyv-a.ide Using IDE file vbdown-j.ide Using IDE file zasran-j.ide Using IDE file rbot-gvw.ide Using IDE file fakea-jf.ide Using IDE file agen-isc.ide Using IDE file rootk-eu.ide Using IDE file zbot-fam.ide Using IDE file dloa-cfo.ide Using IDE file autor-vt.ide Using IDE file fakev-jt.ide Using IDE file agen-isi.ide Using IDE file fakea-lf.ide Using IDE file agen-isl.ide Using IDE file pdfex-ak.ide Using IDE file autoi-bc.ide Using IDE file autoi-bd.ide Using IDE file ircb-adm.ide Using IDE file fujac-aw.ide Using IDE file mosuc-ax.ide Using IDE file spy-bq.ide Using IDE file fakea-jt.ide Using IDE file mdro-byo.ide Using IDE file jsredi-j.ide Using IDE file fakea-ju.ide Using IDE file autor-wb.ide Using IDE file fakea-jw.ide Using IDE file agen-iso.ide Using IDE file bho-jm.ide Using IDE file encjs-a.ide Using IDE file bdoo-asp.ide Using IDE file autoi-bf.ide Using IDE file dloa-cfw.ide Using IDE file autor-wk.ide Using IDE file hack-b.ide Using IDE file fakea-kc.ide Using IDE file fakea-lk.ide Using IDE file pushd-ae.ide Using IDE file agen-itd.ide Using IDE file waled-x.ide Using IDE file autor-wn.ide Full Scanning Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbc2e.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbdam Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbdao Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbeam Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbeao Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbm Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbu2d.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\dbvmh.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\fiih.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\hp Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\hpt2i.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\rpm1mh.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\rpmh.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-black-enchashmh.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-black-urlmh.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-malware-domainmh.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Google\Google Desktop\d16105a1dda4\safeweb\goog-white-domainmh.ht1 Could not open C:\Documents and Settings\Propri‚taire\Local Settings\Temp\etilqs_7dVwAkL7cNYbce9NuF4X Could not open C:\hiberfil.sys >>> Virus 'Mal/Packer' found in file C:\Program Files\Aprck v3\ace.dll Removal successful >>> Virus 'Mal/Packer' found in file C:\Program Files\Aprck v3\WinGenerics.dll Removal successful >>> Virus 'Mal/Packer' found in file C:\Program Files\Navilog1\gnc.exe Removal successful >>> Virus 'Dial/Carped-E' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542556.dll Removal successful >>> Virus 'Troj/Chorus-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542560.exe Removal successful >>> Virus 'Mal/Generic-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542561.exe Removal successful >>> Virus 'Troj/Chorus-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542567.exe Removal successful >>> Virus 'Troj/Chorus-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542589.exe Removal successful >>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542592.exe Removal successful >>> Virus 'Dial/Dialer-M' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542593.dll Removal successful >>> Virus 'Troj/RKFuze-A' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542597.sys Removal successful >>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1208\A0555701.dll Removal successful >>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1208\A0555702.dll Removal successful >>> Virus 'Mal/Packer' found in file C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1208\A0555703.exe Removal successful >>> Virus 'Mal/Generic-A' found in file C:\WINDOWS\system32\inft.dll Removal successful >>> Virus 'Mal/Packer' found in file C:\WINDOWS\system32\jgpsrsvc.dll Removal successful 2 boot sectors swept. 32477 files swept in 1 hour, 1 minute and 35 seconds. 19 errors were encountered. 16 viruses were discovered. 16 files out of 32477 were infected. Please send infected samples to Sophos for analysis. For advice consult www.sophos.com, email [email protected] or telephone +44 1235 559933 Ending Sophos Anti-Virus. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:25:30, on 02/02/2009 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\crypserv.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\D-Tools\daemon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\OrangeHSS\Launcher\Launcher.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\Program Files\OrangeHSS\Deskboard\deskboard.exe C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\rundll32.exe C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchforfree.info/?sid=u002 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchforfree.info/browser/ R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O1 - Hosts: 207.68.176.190 www.auto.search.msn.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c10.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O21 - SSODL: OOYQHCoS - {4CDBC23E-E671-6894-421D-D2DC7003E3F1} - C:\WINDOWS\System32\inft.dll (file missing) O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe -- End of file - 8171 bytes @+

ARRRRG IL s'obstine!!!! Alors qu'il est pas loin de la fenetre... Un missile pour passer en mode sans échec? @bientot :P

SmitFraudFix v2.392 RE Rapport fait à 20:44:27,75, 01/02/2009 Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\crypserv.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\D-Tools\daemon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\OrangeHSS\Launcher\Launcher.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\Program Files\OrangeHSS\Deskboard\deskboard.exe C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\Google\googletoolbar1.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL" "LoadAppInit_DLLs"=dword:00000001 »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CS3\Services\Tcpip\..\{0BB12005-840A-4892-BB28-B6206D18D9DF}: DhcpNameServer=192.168.1.1 0.0.0.0 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

bonsoir, En effet le scan était fort long... Malwarebytes' Anti-Malware 1.33 Version de la base de données: 1654 Windows 5.1.2600 Service Pack 1 01/02/2009 17:47:46 mbam-log-2009-02-01 (17-47-46).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 154473 Temps écoulé: 2 hour(s), 4 minute(s), 20 second(s) Processus mémoire infecté(s): 2 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 32 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 10 Processus mémoire infecté(s): C:\Program Files\Media Access\MediaAccess.exe (Adware.MediaAccess) -> Unloaded process successfully. C:\Program Files\Media Access\MediaAccK.exe (Adware.MediaAccess) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\Program Files\Media Access\MediaAccC.dll (Adware.MediaAccess) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\TypeLib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7} (Adware.MediaAccess) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.MediaAccess) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\dyfuca_bh.bhobj (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\dyfuca_bh.bhobj.1 (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\dyfuca_bh.sinkobj (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\dyfuca_bh.sinkobj.1 (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mediaaccess.installer (Adware.MediaAccess) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1c01d150-91a4-4de0-9bf8-a35d1bdf1001} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7be68951-eecc-4ca3-8991-fc2054d1f7e6} (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{8d2fe65b-7dce-44af-b664-556f289bcaac} (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c} (Adware.MediaAccess) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{86227d9c-0efe-4f8a-aa55-30386a3f5686} (Adware.ISTBar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{00000010-6f7d-442c-93e3-4a4827c2e4c8} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{cea206e8-8057-4a04-ace9-ff0d69a92297} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{273773ea-e96d-49f8-9ab1-eaec34a97347} (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{0be10b0d-b4db-4693-9b1f-9aead54d17dc} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{40b1d454-9ca4-43cc-86aa-cb175eac52fb} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8} (Adware.Winad) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{511f9316-771b-4953-a268-1c36da667fe9} (Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{db893839-10f0-4af9-92fa-b23528f530af} (Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{511f9316-771b-4953-a268-1c36da667fe9} (Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000010-6f7d-442c-93e3-4a4827c2e4c8} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\media access (Adware.MediaAccess) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\LoaderX.EXE (Adware.Winad) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\AMeOpt (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\AMeOpt (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer Active Alert (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout (Adware.NetOptimizer) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{86227d9c-0efe-4f8a-aa55-30386a3f5686} (Adware.ISTBar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\media access (Adware.MediaAccess) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\SideFind (Adware.ISTBar) -> Quarantined and deleted successfully. C:\Program Files\Media Access (Adware.MediaAccess) -> Delete on reboot. Fichier(s) infecté(s): C:\Program Files\Media Access\MediaAccess.exe (Adware.MediaAccess) -> Delete on reboot. C:\Program Files\Media Access\MediaAccC.dll (Adware.MediaAccess) -> Delete on reboot. C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP1153\A0542563.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\SideFind\sfbho13.dll (Adware.ISTBar) -> Quarantined and deleted successfully. C:\Program Files\Media Access\Info.txt (Adware.MediaAccess) -> Quarantined and deleted successfully. C:\Program Files\Media Access\MediaAccK.exe (Adware.MediaAccess) -> Quarantined and deleted successfully. C:\WINDOWS\hosts (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Propriétaire\Favoris\Viagra At Cheap Rates. Online Pharmacy..url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Propriétaire\Favoris\Online Pharmacy.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Propriétaire\Favoris\Car Insurance ! Great deal !.url (Rogue.Link) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:02:32, on 01/02/2009 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\crypserv.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\wuauclt.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\D-Tools\daemon.exe C:\Program Files\OrangeHSS\Launcher\Launcher.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\Program Files\OrangeHSS\Deskboard\deskboard.exe C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchforfree.info/browser/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchforfree.info/browser/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchforfree.info/browser/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchforfree.info/?sid=u002 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchforfree.info/browser/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchforfree.info/browser/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://searchforfree.info/browser/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll F3 - REG:win.ini: run=C:\WINDOWS\htmlsync.exe O1 - Hosts: 207.68.176.190 www.auto.search.msn.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: Saristar - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE50} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O15 - Trusted Zone: www.archiviosex.net O15 - Trusted Zone: www.linkautomatici.com O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: www.redfunny.com O15 - Trusted Zone: www.skymasters.biz O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c10.cab O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://11731.kit.carpediem.fr/FanMarieLaetitia.exe O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O21 - SSODL: OOYQHCoS - {4CDBC23E-E671-6894-421D-D2DC7003E3F1} - C:\WINDOWS\System32\inft.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe -- End of file - 9416 bytes Voilas !!!!! Merci

C'était un peu long hein? Clean Navipromo version 3.7.1 commencé le 01/02/2009 à 3:21:46,15 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 1 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2800+ ) BIOS : BIOS Date: 09/17/03 16:44:36 Ver: 08.00.08 USER : Propriétaire ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:70 Go (Free:30 Go) D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go) E:\ (CD or DVD) F:\ (CD or DVD) H:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** C:\WINDOWS\mslagent ...suppression... C:\WINDOWS\mslagent supprimé ! C:\WINDOWS\msskinner ...suppression... C:\WINDOWS\msskinner supprimé ! *** Suppression dossiers dans "C:\Program Files" *** ...\Instant Access ...suppression... ...\Instant Access supprimé ! ...\Mailskinner ...suppression... ...\Mailskinner supprimé ! *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\system32\msegcompid.dll supprimé ! C:\WINDOWS\system32\msclock32.dll supprimé ! C:\WINDOWS\system32\msplock32.dll supprimé ! C:\WINDOWS\system32\mseggrpid.dll supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Propri‚taire\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * ccucqgk.exe trouvé ! Copie ccucqgk.exe réalisée avec succès ! ccucqgk.exe supprimé ! ccucqgk.dat trouvé ! Copie ccucqgk.dat réalisée avec succès ! ccucqgk.dat supprimé ! ccucqgk_nav.dat trouvé ! Copie ccucqgk_nav.dat réalisée avec succès ! ccucqgk_nav.dat supprimé ! ccucqgk_navps.dat trouvé ! Copie ccucqgk_navps.dat réalisée avec succès ! ccucqgk_navps.dat supprimé ! C:\WINDOWS\prefetch\ccucqgk*.pf trouvé ! Copie C:\WINDOWS\prefetch\ccucqgk*.pf réalisée avec succès ! C:\WINDOWS\prefetch\ccucqgk*.pf supprimé ! * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group absent ! Certificat Montorgueil supprimé ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltdt absent ! *** Recherche autres dossiers et fichiers connus *** *** Nettoyage terminé le 01/02/2009 à 3:34:18,84 *** -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 1 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2800+ ) BIOS : BIOS Date: 09/17/03 16:44:36 Ver: 08.00.08 USER : Propriétaire ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:70 Go (Free:31 Go) D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go) E:\ (CD or DVD) F:\ (CD or DVD) H:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 01/02/2009| 3:45 ) -----------\\ SUPPRESSION Supprime! - C:\WINDOWS\Prefetch\ISTSVC.EXE-3AC062C6.pf Echec ! - C:\Program Files\SideFind\sfbho13.dll Supprime! - C:\Program Files\SideFind\sfexd001 Supprime! - C:\Program Files\SideFind\sidefind13.dll Supprime! - C:\Program Files\SideFind\update Supprime! - C:\Program Files\YourSiteBar\imagemap_normal.bmp Supprime! - C:\Program Files\YourSiteBar\imagemap_over.bmp Supprime! - C:\Program Files\YourSiteBar\Thumbs.db Supprime! - C:\Program Files\YourSiteBar\version.txt Supprime! - C:\Program Files\YourSiteBar\yoursitebar.xml Supprime! - C:\Program Files\IstSvc Echec ! - C:\Program Files\SideFind Supprime! - C:\Program Files\YourSiteBar -----------\\ DEUXIEME PASSAGE Echec ! - C:\Program Files\SideFind\sfbho13.dll Echec ! - C:\Program Files\SideFind -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\SideFind C:\Program Files\SideFind\sfbho13.dll -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\System32\\blank.htm" "Search Page"="http://searchforfree.info/browser/"'>http://searchforfree.info/browser/" "Default_Page_URL"="http://qfr9.hpwis.com/" "Default_Search_URL"="http://srch-qfr9.hpwis.com/"'>http://srch-qfr9.hpwis.com/" "Search Bar"="http://searchforfree.info/browser/" "Start Page"="http://searchforfree.info/?sid=u002" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.msn.com/" "Search Bar"="http://srch-qfr9.hpwis.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Bureau\divers\w\The Westerner\Meilleur Moyen De Jouer En Fr A The Westerner Avec La Version Crack‚.txt 1 - "C:\ToolBar SD\TB_1.txt" - 01/02/2009| 2:54 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 01/02/2009| 3:51 - Option : [2] -----------\\ Fin du rapport a 3:51:21,73 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:54:08, on 01/02/2009 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\crypserv.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\NOTEPAD.EXE C:\WINDOWS\System32\wuauclt.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Media Access\MediaAccK.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Media Access\MediaAccess.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\OrangeHSS\Launcher\Launcher.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\Program Files\OrangeHSS\Deskboard\deskboard.exe C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\WINDOWS\System32\cmd.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchforfree.info/browser/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchforfree.info/browser/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchforfree.info/browser/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchforfree.info/?sid=u002 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchforfree.info/browser/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchforfree.info/browser/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://searchforfree.info/browser/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll F3 - REG:win.ini: run=C:\WINDOWS\htmlsync.exe O1 - Hosts: 207.68.176.190 www.auto.search.msn.com O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {511F9316-771B-4953-A268-1C36DA667FE9} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O2 - BHO: Saristar - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE50} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user') O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O15 - Trusted Zone: www.archiviosex.net O15 - Trusted Zone: www.linkautomatici.com O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: www.redfunny.com O15 - Trusted Zone: www.skymasters.biz O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c10.cab O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/2/fr/SysWebTelecomInt.cab O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://11731.kit.carpediem.fr/FanMarieLaetitia.exe O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1050236.exe O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O21 - SSODL: OOYQHCoS - {4CDBC23E-E671-6894-421D-D2DC7003E3F1} - C:\WINDOWS\System32\inft.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe -- End of file - 10109 bytes merci

Non le redémarrage un peu log et galère la suite dans peu de temps

Desolée je vois pas comment j'ais fais ça je recommence... la fatigue;

Pas de problème je ne l'ai pas mal pris -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 1 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2800+ ) BIOS : BIOS Date: 09/17/03 16:44:36 Ver: 08.00.08 USER : Propriétaire ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:70 Go (Free:30 Go) D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go) E:\ (CD or DVD) F:\ (CD or DVD) H:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 01/02/2009| 2:53 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\IstSvc C:\WINDOWS\Prefetch\ISTSVC.EXE-3AC062C6.pf C:\Program Files\SideFind C:\Program Files\SideFind\sfbho13.dll C:\Program Files\SideFind\sfexd001 C:\Program Files\SideFind\sidefind13.dll C:\Program Files\SideFind\update C:\Program Files\YourSiteBar C:\Program Files\YourSiteBar\imagemap_normal.bmp C:\Program Files\YourSiteBar\imagemap_over.bmp C:\Program Files\YourSiteBar\Thumbs.db C:\Program Files\YourSiteBar\version.txt C:\Program Files\YourSiteBar\yoursitebar.xml -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\System32\\blank.htm" "Search Page"="http://searchforfree.info/browser/"'>http://searchforfree.info/browser/" "Default_Page_URL"="http://qfr9.hpwis.com/" "Default_Search_URL"="http://srch-qfr9.hpwis.com/"'>http://srch-qfr9.hpwis.com/" "Search Bar"="http://searchforfree.info/browser/" "Start Page"="http://searchforfree.info/?sid=u002" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="about:blank" "Search Bar"="http://srch-qfr9.hpwis.com/" --------------------\\ Recherche d'autres infections C:\Program Files\MailSkinner C:\Program Files\MailSkinner\anim_0.gif C:\Program Files\MailSkinner\anim_help.gif C:\Program Files\MailSkinner\OESkinner.dll C:\Program Files\MailSkinner\Thumbs.db C:\Program Files\Instant Access C:\Program Files\Instant Access\Center C:\Program Files\Instant Access\DesktopIcons C:\Program Files\Instant Access\Dialer C:\WINDOWS\System32\ccucqgk.dat C:\WINDOWS\System32\ccucqgk.exe C:\WINDOWS\System32\ccucqgk_nav.dat C:\WINDOWS\System32\ccucqgk_navps.dat ==> EGDACCESS <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Bureau\divers\w\The Westerner\Meilleur Moyen De Jouer En Fr A The Westerner Avec La Version Crack‚.txt 1 - "C:\ToolBar SD\TB_1.txt" - 01/02/2009| 2:54 - Option : [1] -----------\\ Fin du rapport a 2:54:00,59 voilas je crois que c'est tout merci