cyrielle

Merci beaucoup, Je vais faire au mieux pour suivre tout tes conseils. Mon ordi et moi avons mérité un p'tit repos... encore merci Bonne soirée et à bientôt

g supprimé OtMoveIt et Flash Disinfector et conservé Ewido g Téléchargé F-Secure et lancé le scan: je n'ai pas réussi à poster le rapport mais il me dit qu'il n'a trouvé aucun item caché quels sont tes quelques conseils de sécurisation? Crois-tu k mon ordi est clean? Q faire des virus en quarantaine? Où aurais je pu choper ce virus pourri? et k dois-je ne plus faire ? (je relirais avec plus d'attention les qques liens k tu m'as déjà donné) JE connecte parfois un app photo numérique à l'ordi? une ptite clé USB? le disque dur ext portable à une box TV de tele2 ? y aurait-il des risques pour ces derniers d'avoir été infectés? comment le vérifier? Sinon j'ai refilé le virus a mon frère par clé USB, peut-il suivre la même "marche à suivre que tu m'as donné"? ou vaut-il mieux que je lui donne l'adresse de ce forum? En tout cas je te remercie... ...merci pour ta patience tes compétences et ta gentillesse!

j'ai lancé le scan d'antivir et il a trouvé "juste" 1 virus, voila le rapport: AntiVir PersonalEdition Classic Report file date: samedi 23 février 2008 17:22 Scanning for 1120425 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: AZEMA Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 20:22:16 ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08/02/2008 20:22:16 ANTIVIR3.VDF : 7.0.2.180 334848 Bytes 22/02/2008 20:22:16 AVEWIN32.DLL : 7.6.0.67 3293696 Bytes 22/02/2008 20:22:18 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 22/02/2008 20:22:18 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: samedi 23 février 2008 17:22 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'notepad.exe' - '1' Module(s) have been scanned Scan process 'HijackThis.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'hpqgalry.exe' - '1' Module(s) have been scanned Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned Scan process 'hpqwmi.exe' - '1' Module(s) have been scanned Scan process 'Residence.exe' - '1' Module(s) have been scanned Scan process 'SonyTray.exe' - '1' Module(s) have been scanned Scan process 'SetPoint.exe' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'ApntEx.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'WkUFind.exe' - '1' Module(s) have been scanned Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned Scan process 'mmtask.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'dragdiag.exe' - '1' Module(s) have been scanned Scan process 'Demon.exe' - '1' Module(s) have been scanned Scan process 'CnxMon.exe' - '1' Module(s) have been scanned Scan process 'eabservr.exe' - '1' Module(s) have been scanned Scan process 'qttask.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'HP Wireless Assistant.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'Apoint.exe' - '1' Module(s) have been scanned Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned Scan process 'SMax4PNP.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'igfxtray.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SMAgent.exe' - '1' Module(s) have been scanned Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 55 processes with 55 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'E:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '47' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\48224755.qua [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f248a7.qua'! Begin scan in 'E:\' <WD Passport> End of the scan: samedi 23 février 2008 18:42 Used time: 1:19:37 min The scan has been done completely. 5523 Scanning directories 484458 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 484457 Files not concerned 10976 Archives were scanned 2 Warnings 10 Notes pffffffffffffffffouuu, enfin ! j'ai mis ce virus et les 164 autres de hier soir en quarantaine, que dois je en faire? je vais maintenant suivre les derniers conseil que tu m'as donné ... Antivir t'alerte-t-il encore de la présence d'un trojan comme le faisait Avast! ?

pour OTMoveIt.exe voilà le rapport: C:\Program Files\MSN Apps\Updater\Download\AU3415718 moved successfully. C:\Program Files\MSN Apps\Updater\Download\AU156140 moved successfully. C:\Program Files\MSN Apps\Updater\Download moved successfully. C:\Program Files\MSN Apps\Updater moved successfully. C:\Program Files\MSN Apps\ST moved successfully. C:\Program Files\MSN Apps\Shared moved successfully. C:\Program Files\MSN Apps\MSN Toolbar moved successfully. C:\Program Files\MSN Apps moved successfully. File/Folder C:\Program Files\Yahoo!\Common\yinsthelper.dll not found. File/Folder not found. Created on 02/23/2008 17:12:11

Pour les cracks et keygens g ne sais pas kes k c ? ni d'ou ils viennent (peut être didier? mon oncle qui me donne parfois d trucs ?) g fait c k tu m'as dit dans "l'onglet Restauration du système g fait c k tu m'as dit avec Ewido et avec HIJACKTHIS voici son nouveau log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:59:07, on 23/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\PROGRA~1\MESSAG~1\Demon.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/internet/portail/go/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 9454 bytes je v maitenant faire desuite le trucs avec OTMoveIt.exe merci encore de ton aide

scan d'ewido lui a trouvé 20 infections: __________________________________________________ ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\arnaud\Cookies\arnaud@adbrite[2].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\arnaud\Cookies\arnaud@ads.adbrite[1].txt Risk: Medium Name: TrackingCookie.Adtech Path: C:\Documents and Settings\arnaud\Cookies\arnaud@adtech[1].txt Risk: Medium Name: TrackingCookie.Advertising Path: C:\Documents and Settings\arnaud\Cookies\arnaud@advertising[1].txt Risk: Medium Name: TrackingCookie.Adviva Path: C:\Documents and Settings\arnaud\Cookies\arnaud@adviva[2].txt Risk: Medium Name: TrackingCookie.Adviva Path: C:\Documents and Settings\arnaud\Cookies\arnaud@adviva[3].txt Risk: Medium Name: TrackingCookie.Atdmt Path: C:\Documents and Settings\arnaud\Cookies\arnaud@atdmt[2].txt Risk: Medium Name: TrackingCookie.Bluestreak Path: C:\Documents and Settings\arnaud\Cookies\arnaud@bluestreak[2].txt Risk: Medium Name: TrackingCookie.Bluestreak Path: C:\Documents and Settings\arnaud\Cookies\arnaud@bluestreak[3].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\arnaud\Cookies\arnaud@bs.serving-sys[2].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\arnaud\Cookies\arnaud@doubleclick[1].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\arnaud\Cookies\arnaud@doubleclick[2].txt Risk: Medium Name: TrackingCookie.Estat Path: C:\Documents and Settings\arnaud\Cookies\arnaud@estat[1].txt Risk: Medium Name: TrackingCookie.Estat Path: C:\Documents and Settings\arnaud\Cookies\arnaud@estat[2].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\arnaud\Cookies\arnaud@serving-sys[1].txt Risk: Medium Name: TrackingCookie.Smartadserver Path: C:\Documents and Settings\arnaud\Cookies\arnaud@smartadserver[1].txt Risk: Medium Name: TrackingCookie.Smartadserver Path: C:\Documents and Settings\arnaud\Cookies\arnaud@smartadserver[2].txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: C:\Documents and Settings\arnaud\Cookies\arnaud@tradedoubler[2].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\arnaud\Cookies\arnaud@weborama[2].txt Risk: Medium Name: TrackingCookie.Smartadserver Path: C:\Documents and Settings\arnaud\Cookies\arnaud@smartadserver[3].txt Risk: Medium maintenant voilà le rapport hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:53:28, on 23/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\PROGRA~1\MESSAG~1\Demon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\arnaud\Mes documents\fichier\PROGRAMMES\VIRUS\ewido_micro.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/internet/portail/go/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 10625 bytes voilà, j'en peu plus g vais me coucher bonne nuit et merci ogu !

pour info *g aussi (normalement) virer les toolbars, sauf MSN que je ne trouve pas et pour répondre à: D'ailleuirs pourrais-tu m'en dire plus à propos de la toolbar MSN (MSN Apps)?? J'aimerais savoir son rôle etc...: je n'en sais rien du tout *quant à E:\ c'est mon disque dur externe portable là g suis entrain de scanner avec ewido

g virer avast et les restes de norton si tout c bien passé g installé antivir g lancé le scan qui a duré 2 heures et trouvé 164 virus voilà le rapport: AntiVir PersonalEdition Classic Report file date: vendredi 22 février 2008 21:23 Scanning for 1120425 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: AZEMA Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 20:22:16 ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08/02/2008 20:22:16 ANTIVIR3.VDF : 7.0.2.180 334848 Bytes 22/02/2008 20:22:16 AVEWIN32.DLL : 7.6.0.67 3293696 Bytes 22/02/2008 20:22:18 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 22/02/2008 20:22:18 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: vendredi 22 février 2008 21:23 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned Scan process 'hpqwmi.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'hpqgalry.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'Residence.exe' - '1' Module(s) have been scanned Scan process 'SonyTray.exe' - '1' Module(s) have been scanned Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned Scan process 'SetPoint.exe' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'WkUFind.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned Scan process 'mmtask.exe' - '1' Module(s) have been scanned Scan process 'ApntEx.exe' - '1' Module(s) have been scanned Scan process 'dragdiag.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'Demon.exe' - '1' Module(s) have been scanned Scan process 'CnxMon.exe' - '1' Module(s) have been scanned Scan process 'eabservr.exe' - '1' Module(s) have been scanned Scan process 'qttask.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'HP Wireless Assistant.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'Apoint.exe' - '1' Module(s) have been scanned Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned Scan process 'SMax4PNP.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'igfxtray.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SMAgent.exe' - '1' Module(s) have been scanned Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 57 processes with 57 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'E:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '47' files ). Starting the file scan: Begin scan in 'C:\' C:\2ifetri.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '48252fff.qua'! C:\awda2.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '48233024.qua'! C:\h.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '48222fe9.qua'! C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\x.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '48222ffb.qua'! C:\xn1i9x.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f0303e.qua'! C:\xo8wr9.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f73045.qua'! C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\48222fe9.qua [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f1301b.qua'! C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\48222ffb.qua [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f13022.qua'! C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\48233024.qua [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f13027.qua'! C:\Documents and Settings\arnaud\Local Settings\Temp\lr4x.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f331f5.qua'! C:\Documents and Settings\arnaud\Mes documents\fichier\PROGRAMMES\Utilitaires Didier\Slysoft.CloneDVD.v2.8.5.1.Keygen.Only-TSZ.zip [0] Archive type: ZIP --> Slysoft.CloneDVD.v2.8.5.1.Keygen.Only-TSZ/Keygen.exe [DETECTION] Is the Trojan horse TR/Agent.15485 [iNFO] The file was moved to '48383700.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083889.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef41f7.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083892.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef41fb.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083903.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4200.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083906.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4203.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083908.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4207.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083918.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef420b.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083921.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef420f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083930.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4216.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083933.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef421a.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083957.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef421c.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083960.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef421f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP397\A0083967.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4222.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084068.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef422b.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084088.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef422f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084091.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4232.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084106.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4234.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084109.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4236.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084111.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4238.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084122.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef423b.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084125.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef423e.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084155.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4241.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085155.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4244.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085158.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4247.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085169.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4249.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085172.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef424b.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085174.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef424d.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085200.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4250.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085203.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4251.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085237.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4255.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085240.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4257.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085251.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4259.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085254.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef425b.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0085256.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef425c.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0085296.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4261.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0085342.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4265.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0085345.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef426b.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0085347.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef426d.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086342.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4271.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086346.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4274.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086347.inf [DETECTION] Contains detection pattern of the worm WORM/Autorun.cea.1 [iNFO] The file was moved to '47ef4275.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086377.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4278.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086380.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef427c.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086381.inf [DETECTION] Contains detection pattern of the worm WORM/Autorun.cea.1 [iNFO] The file was moved to '47ef427e.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086393.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4280.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086396.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4283.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086397.inf [DETECTION] Contains detection pattern of the worm WORM/Autorun.cea.1 [iNFO] The file was moved to '47ef4291.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086398.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4294.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086409.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4296.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086424.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef429c.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP400\A0086438.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef429f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP401\A0086450.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42a5.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP401\A0086463.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42a8.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP401\A0086473.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42aa.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP401\A0086488.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42ac.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP401\A0086501.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42ae.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP401\A0086506.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42b0.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP401\A0086508.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42b2.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP402\A0086514.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42b8.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP402\A0086515.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42b9.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086561.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42c3.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086562.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42c6.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086590.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42ca.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086593.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42cc.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086594.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42ce.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086610.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42d1.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086611.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42d4.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086631.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42d6.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086632.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42d8.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086647.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42da.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086648.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42db.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086649.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42dd.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086688.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42e0.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086690.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42e2.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086691.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pqm [iNFO] The file was moved to '47ef42e4.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP403\A0086693.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42e7.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086730.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.psv [iNFO] The file was moved to '47ef42eb.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086752.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42ee.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086756.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.psv [iNFO] The file was moved to '47ef42f2.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086772.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.psv [iNFO] The file was moved to '47ef42f4.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086791.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42f6.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086794.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42f8.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086795.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.psv [iNFO] The file was moved to '47ef42fa.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086797.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42fd.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086811.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef42ff.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086812.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.psv [iNFO] The file was moved to '47ef4301.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086813.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4302.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086829.inf [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.psv [iNFO] The file was moved to '47ef4305.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086842.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4308.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086845.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef430a.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086860.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef430d.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086863.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef430f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086867.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4312.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086868.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4313.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086895.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4316.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086899.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4319.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086921.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef431e.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086948.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4320.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086952.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4324.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086971.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4327.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086974.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4329.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086985.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef432c.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086988.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef432d.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087015.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4330.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087018.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4332.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087029.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4334.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087032.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4336.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087050.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4339.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087052.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef433b.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087054.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef433d.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087063.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef433f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087102.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4342.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087103.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4344.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087144.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4347.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087147.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef434a.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087149.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef434c.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087162.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef434e.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087165.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4350.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087191.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4354.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087256.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4358.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087259.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef435a.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087262.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef435d.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087263.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef435e.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087280.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4360.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087301.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4363.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087304.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4365.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087363.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4367.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087366.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4369.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087385.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef436c.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087388.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef436d.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP406\A0087390.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef436f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP412\A0087991.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4389.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP413\A0088313.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4395.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP413\A0088314.dll [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4397.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088437.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef439f.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088438.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef43a1.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088439.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef43a2.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088440.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef43a4.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088441.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef43a5.qua'! C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088442.exe [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef43a7.qua'! Begin scan in 'E:\' <WD Passport> E:\2ifetri.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '4825478a.qua'! E:\3wcxx91.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '4822479a.qua'! E:\xn1i9x.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47f04793.qua'! E:\h.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '48224755.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP398\A0084017.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4765.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP399\A0084214.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4768.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP404\A0086872.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef476a.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0086992.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef476c.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP405\A0087117.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef476e.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088457.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4772.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088458.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4774.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088459.com [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4776.qua'! E:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP414\A0088460.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef4778.qua'! E:\System Volume Information\_restore{E5E56298-4119-4B20-8BA8-5833BC5D949D}\RP807\A0065900.cmd [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen [iNFO] The file was moved to '47ef477b.qua'! End of the scan: vendredi 22 février 2008 23:10 Used time: 1:46:53 min The scan has been done completely. 5746 Scanning directories 492305 Files were scanned 164 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 164 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 492141 Files not concerned 10974 Archives were scanned 2 Warnings 10 Notes merci pour ta patience Ogu

merci Ogu le lien que tu m'as donné pour telecharger OTMoveIt ne marche pas mais j'ai trouvé un autre qui marche en revanche je copie C:\WINDOWS\system32\amvo.exe dans la colone indiquée et clique sur MoveIT et là: ça ne marche pas cela m'affiche dans résult: File/Folder C:\WINDOWS\system32\amvo.exe not found. Created on 02/22/2008 20:34:00 ????

merci de ta reponse rapide voila mon log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:13:54, on 22/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\PROGRA~1\MESSAG~1\Demon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/internet/portail/go/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 11137 bytes encore merci

merci bcp je v essayer tout ça et j'envoie mon log

bonjour, Avast me détecte depuis presque 1mois le virus Win32:OnLineGames [Trj] a chaque demarage. des fois je clique sur suprimer et des fois sur mise en quarentaine. Mais j'ai bien peur que maintenant il soit un peu partout dans l'ordi. j'ai même infecté l'ordi de mon frere par clé USB Je suis nulle en informatique. J'aimerai réussir a virer ce virus (et peut être d'autres) de mon ordi et surement de mon disque dur externe portable A l'aiiiiiiiiiiiiiiiiiiiiiiiiiide j'ai lu dans le sujet virus Win32:OnLineGames [Trj] [résolu] que vous avez réussi a aider lamiss34 Le peu que j'ai compris c'est qu'il fallait telecharger HijackThis et vous montrer les entrailles de ma machine les voilà: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:41:30, on 22/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\PROGRA~1\Wanadoo\CnxMon.exe C:\PROGRA~1\MESSAG~1\Demon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/internet/portail/go/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 11186 bytes si un ptit chirurgien pouvais essayer de m'oppérrer tout ça et de me virer les tumeurs merciiiiiiiiiiiiiiii en attendant une réponse