

alpina d10
Members
Content count: 104
Everything posted by alpina d10
-
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware Analysis and Removal
I just got hold of a Windows CD. Just one question: can you lose data with this procedure?
-
I just found the CD again. Do I have to back up photos, folders, etc.? Because I don't have an external hard drive.
-
Restoring to an earlier date doesn't work, and of course I can't find my CD anymore since my move.
-
Network card: Realtek RTL8139 Family PCI Fast Ethernet #2; Intel Pentium processor 1.73 GHz; ATI Mobility Radeon X700. Is that enough? If not, where exactly do I find it? 1.00 GB of RAM; Microsoft Windows XP Home Edition, version 2002, SP3.
-
Hi ticlou, that doesn't work there either.
-
Hello, after trying to solve my problem I was directed here (thanks to did). Here is my problem: I can't download files; when I click on the history star, there's nothing; in the toolbar, I can't open Internet Options; even in the Control Panel I can't open the Internet Options folder; I hear the ActiveX sound but it no longer works; and finally I can't copy/paste. In short, help!!!!
-
And the Java one too, thanks, see you later.
-
And why won't the Internet Options folder open in the Control Panel?
-
The worst part is that I hear the ActiveX sound but it doesn't work.
-
Thanks for your help. Can you tell me where on the forum, or which member? If only I could at least download; I don't care about the history!!
-
Hi again, no way to do it differently!!!
-
Hi again, bingo, I just found the recovery DVD-ROM for my Toshiba Satellite M60. The problem is that if I use it, it says that formatting the hard drive deletes all the information stored on it, and that if I install it I erase all the installed programs as well as my personal data. Oops, that's not the one!!! Sorry.
-
I have a CD labeled Microsoft Toshiba Works 8, would that be it? It has a tracking ID number.
-
An example. Source: Avira AntiVir, category: 1, event: 4122, user: SYSTEM, computer: famille; Application Hang, category: 101, event: 1002, user: N/A, computer: famille; Crypt32, category: none, event: 8, user: N/A, computer: famille. Do you need more?
-
Yes, indeed, it's not a few lines but a dictionary. How do I give them to you?
-
Hi again. Yes, exactly, it is present, but what about the 2 infected folders above, after the Malwarebytes' report? And why do I have no history, and I can no longer copy/paste, and above all I can't download files, etc.? I'm going crazy. Thanks for the time you're giving me.
-
Whoa
Logfile of random's system information tool 1.06 (written by random/random)
Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-08-14 47360] S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352] S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-12-08 32123] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230] S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-03-08 98560] S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531] S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-03-24 8192] S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-15 50048] S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612] S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [] S3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG 
pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-30 3222784] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS [] S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448] R2 Bjmcmng;Canon BJ Memory Card Manager; C:\Program Files\Canon\BJCard\Bjmcmng.exe [2002-03-14 49152] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456] R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-09-01 81920] R2 lxct_device;lxct_device; C:\WINDOWS\system32\lxctcoms.exe [2006-11-22 537520] S2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865] S2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800] S2 gusvc;Google Software Updater; C:\Program 
Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-05 183280] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 p2pgasvc;Authentification de groupe réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 p2pimsvc;Gestionnaire d'identité réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 p2psvc;Réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795] S3 PNRPSvc;Protocole de résolution de noms d'homologues; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 BackWeb Client - 7681197;F-Secure BackWeb; C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [] S4 F-Secure BackWeb LAN Access;F-Secure BackWeb LAN Access; C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe [] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-23 66872] S4 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456] S4 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-13 33280] S4 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-13 8704] S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] -----------------EOF----------------- . -
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
Hi again, for information -
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
HI AGAIN, OOPS!!

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3556
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-01-13 22:44:20 0
mbam-log-2010-01-13 (22-44-12).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 225508
Temps écoulé: 1 hour(s), 4 minute(s), 1 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP296\A0158413.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP296\A0158555.sys (Malware.Trace) -> No action taken.
-
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
I AM NOW POSTING A REPORT USING A SECOND PC, BECAUSE COPYING ON WEB PAGES IS STILL IMPOSSIBLE. ALSO, I CAN HEAR THE LITTLE ACTIVEX SOUND AGAIN BUT I DO NOT SEE IT.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:49 0, on 2010-01-13
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Canon\BJCard\Bjmcmng.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Secunia\PSI (RC4)\psi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Secunia PSI (RC4).lnk = C:\Program Files\Secunia\PSI (RC4)\psi.exe
O4 - Global Startup: Bootvis.lnk = C:\Documents and Settings\uset\Bureau\BootVisfr\Bootvis_Sleep.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155119580000
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{87E4CE68-A48D-47DC-8E97-9FE6ED01D490}: NameServer = 80.10.246.2,80.10.246.129
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager (Bjmcmng) - CANON INC. - C:\Program Files\Canon\BJCard\Bjmcmng.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 6899 bytes
-
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
ok, I'll do that -
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
that's a start already -
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
WELL, ONE GOOD THING ALREADY: I CAN OPEN MY WINDOWS FIREWALL. THE REST, STILL NOTHING. HERE IS THE COMBO REPORT
ComboFix 10-01-12.02 - uset 2010-01-13 0:11.7.1 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1022.734 [GMT 1:00] Lancé depuis: c:\documents and settings\uset\Bureau\ComboFix.exe AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) .A PLUS . ---- Exécution préalable ------- . c:\windows\system32\qugrwbeu.ini c:\windows\system32\rqtwa.ini c:\windows\system32\rqtwa.ini2 c:\windows\system32\tmp.reg . ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-12 au 2010-01-12 )))))))))))))))))))))))))))))))))))) . 2010-01-12 18:35 . 2010-01-12 18:35 152576 ----a-w- c:\documents and settings\uset\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2010-01-12 18:35 . 2010-01-12 18:35 79488 ----a-w- c:\documents and settings\uset\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2010-01-12 17:44 . 2010-01-12 17:44 -------- d-----w- C:\_OTM 2010-01-12 13:03 . 2008-04-13 18:05 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2010-01-12 13:03 . 2008-04-13 18:05 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2010-01-12 12:53 . 2010-01-12 18:35 -------- d-----w- c:\program files\Java 2010-01-12 12:51 . 2010-01-12 12:52 -------- d--h--w- c:\windows\ie8 2010-01-12 12:35 . 2010-01-12 12:35 -------- d-----w- c:\documents and settings\uset\Application Data\vlc 2010-01-12 12:35 . 2010-01-12 12:35 -------- d-----w- c:\program files\ATI Technologies 2010-01-07 21:02 . 2010-01-07 21:07 -------- d-----w- C:\rsit 2010-01-05 17:34 . 2009-10-21 05:39 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll 2010-01-05 17:34 . 2009-10-21 05:39 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll 2010-01-05 17:34 . 
2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys 2010-01-05 17:34 . 2009-10-12 13:39 79872 -c----w- c:\windows\system32\dllcache\raschap.dll 2010-01-05 17:34 . 2009-10-12 13:39 150528 -c----w- c:\windows\system32\dllcache\rastls.dll 2010-01-05 17:34 . 2009-10-13 10:33 271360 -c----w- c:\windows\system32\dllcache\oakley.dll 2010-01-04 23:03 . 2010-01-12 12:46 -------- d-----w- c:\program files\Java(3) 2010-01-03 19:21 . 2010-01-03 19:21 -------- d-----w- c:\documents and settings\uset\Application Data\HouseCall 6.6 2010-01-03 17:21 . 2010-01-03 17:21 -------- d-----w- C:\spoolerlogs 2009-12-28 20:03 . 2010-01-12 12:52 -------- d-----w- c:\program files\Microsoft Games(2) 2009-12-23 16:56 . 2009-12-23 16:56 -------- d-----w- c:\program files\Eidos 2009-12-20 19:49 . 2010-01-12 12:53 -------- d-----w- c:\program files\Java(2) . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-12 23:10 . 2009-05-05 19:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-01-12 23:05 . 2009-03-22 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira(2) 2010-01-12 22:09 . 2007-07-23 20:25 -------- d-----w- c:\program files\Lx_cats 2010-01-12 22:00 . 2010-01-12 22:00 2748 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2010-01-12 22:00 . 2005-05-23 11:03 80088 ----a-w- c:\windows\system32\perfc00C.dat 2010-01-12 22:00 . 2005-05-23 11:03 478892 ----a-w- c:\windows\system32\perfh00C.dat 2010-01-12 18:36 . 2006-10-04 17:26 -------- d-----w- c:\program files\Google 2010-01-12 12:56 . 2009-03-07 09:55 -------- d-----w- c:\program files\GalaadV4.0 2010-01-12 12:53 . 2008-09-10 20:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-12 12:46 . 2007-06-16 16:34 -------- d-----w- c:\program files\Windows Media Connect 2 2010-01-12 12:36 . 2007-06-21 14:13 -------- d-----w- c:\program files\Windows Live 2010-01-12 12:35 . 
2005-05-23 12:45 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-12 12:34 . 2009-05-05 19:14 -------- d-----w- c:\program files\Avira 2010-01-12 12:34 . 2009-10-18 08:08 -------- d-----w- c:\documents and settings\uset\Application Data\vlc(3) 2010-01-12 12:32 . 2008-09-05 19:47 -------- d-----w- c:\program files\Call of Duty Game of the Year Edition 2010-01-10 13:09 . 2009-05-05 19:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2010-01-08 20:36 . 2006-06-07 15:40 53608 -c--a-w- c:\documents and settings\uset\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-01-03 16:10 . 2010-01-03 16:10 1179867 ----a-w- c:\documents and settings\All Users\SPL136.tmp 2009-10-26 17:46 . 2009-10-26 17:46 0 ----a-w- c:\windows\system32\atiicdxx.dat 2009-10-26 09:01 . 2009-10-18 08:56 664 ----a-w- c:\windows\system32\d3d9caps.dat 2009-10-21 05:39 . 2005-05-23 11:02 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2005-05-23 11:02 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 23:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-18 08:43 . 2009-10-18 08:35 108059 ----a-w- c:\windows\system32\drivers\klin.dat 2009-10-18 08:43 . 2009-10-18 08:35 95259 ----a-w- c:\windows\system32\drivers\klick.dat 2009-10-18 08:36 . 2009-10-18 08:36 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat . ------- Sigcheck ------- [-] 2004-08-11 00:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\system32\mspmsnsv.dll [-] 2004-08-11 00:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\system32\dllcache\mspmsnsv.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "LXCTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-11-21 106496] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264] c:\documents and settings\uset\Menu D‚marrer\Programmes\D‚marrage\ Secunia PSI (RC4).lnk - c:\program files\Secunia\PSI (RC4)\psi.exe [2008-10-29 695656] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Bluetooth Manager.lnk backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu 
Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk backup=c:\windows\pss\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^uset^Menu Démarrer^Programmes^Démarrage^Lancement rapide de Microsoft Office OneNote 2003.lnk] path=c:\documents and settings\uset\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk backup=c:\windows\pss\Lancement rapide de Microsoft Office OneNote 2003.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^uset^Menu Démarrer^Programmes^Démarrage^Ubisoft register.lnk] path=c:\documents and settings\uset\Menu Démarrer\Programmes\Démarrage\Ubisoft register.lnk backup=c:\windows\pss\Ubisoft register.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CFSServ.exe] CFSServ.exe -NoClient [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] 2005-04-12 13:23 88358 ----a-w- c:\windows\agrsmmsg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] 2003-10-30 14:46 192512 ----a-w- c:\program files\Apoint2K\Apoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] 2005-03-22 19:05 339968 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2008-07-18 18:58 266497 ----a-w- c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJLaunchEXE]
2002-03-14 07:42 630784 ----a-w- c:\program files\Canon\BJCard\BJLaunch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]
2005-04-28 18:08 675840 ----a-w- c:\program files\TOSHIBA\E-KEY\CeEKey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cselect]
2005-04-12 15:33 110592 ----a-w- c:\windows\system32\cselect.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-13 17:34 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2005-01-13 23:05 122939 ----a-w- c:\windows\system32\dla\tfswctrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2006-11-22 09:11 82864 ----a-w- c:\program files\Lexmark 5400 Series\ezprint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HWSetup]
2004-12-24 08:07 28672 ----a-w- c:\program files\TOSHIBA\TOSHIBA Applet\HWSetup.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 5400 Series Fax Server]
2006-11-22 09:12 304048 ----a-w- c:\program files\Lexmark 5400 Series\fm3032.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
2005-04-12 13:24 184320 ----a-w- c:\program files\ltmoh\ltmoh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-09-01 12:04 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxctmon.exe]
2006-11-22 09:11 291760 ----a-w- c:\program files\Lexmark 5400 Series\lxctmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-01-14 15:11 1273488 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-13 17:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2007-10-18 10:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PadTouch]
2004-11-17 08:56 1077327 ----a-w- c:\program files\TOSHIBA\Touch and Launch\PadExe.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
2005-05-17 07:24 118784 ----a-w- c:\program files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVPWUTIL]
2005-02-26 05:59 65536 ----a-w- c:\program files\TOSHIBA\Windows Utilities\SVPWUTIL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TCtryIOHook]
2005-04-20 13:56 28672 ----a-w- c:\windows\system32\TCtrlIOHook.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
2005-04-11 14:08 65536 ----a-w- c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Accessibility]
2005-03-08 13:27 24576 ----a-w- c:\program files\TOSHIBA\Accessibility\FnKeyHook.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]
2004-11-30 11:06 53248 ----a-w- c:\program files\TOSHIBA\TouchPad\TPTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
2005-01-21 08:28 266240 ----a-w- c:\windows\system32\TPSMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tvs]
2005-04-05 14:25 73728 ----a-w- c:\program files\TOSHIBA\Tvs\TvsTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zooming]
2004-07-14 14:07 24576 ----a-w- c:\windows\system32\ZoomingHook.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BackWeb Client - 7681197"=2 (0x2)
"F-Secure BackWeb LAN Access"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mcoinstall.exe"=
"c:\\WINDOWS\\system32\\lxctcoms.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3587:TCP"= 3587:TCP:Groupement homologue Windows
"3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 Dev_UNIDRV;Dev_UNIDRV;c:\windows\system32\drivers\UNIDRV.SYS [2009-05-12 6080]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2006-09-03 639224]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-09-10 38496]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-10-27 7808]
S3 vaxscsi;vaxscsi;c:\windows\system32\Drivers\vaxscsi.sys --> c:\windows\system32\Drivers\vaxscsi.sys [?]
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?]
S4 BackWeb Client - 7681197;F-Secure BackWeb;c:\progra~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE --> c:\progra~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contenu du dossier 'Tâches planifiées'

2008-12-08 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8220877576.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2010-01-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-23 19:23]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.fr/
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
Trusted Zone: ebay.fr\cgi
TCP: {87E4CE68-A48D-47DC-8E97-9FE6ED01D490} = 80.10.246.2,80.10.246.129
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-SITEguard - (no file)
MSConfigStartUp-c42ded96 - c:\windows\system32\uebwrguq.dll
MSConfigStartUp-ccApp - c:\program files\Fichiers communs\Symantec Shared\ccApp.exe
MSConfigStartUp-CursorXP - c:\program files\CursorXP\CursorXP.exe
MSConfigStartUp-F-Secure Manager - c:\program files\F-Secure\Common\FSM32.EXE
MSConfigStartUp-FreeRAM XP - c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
MSConfigStartUp-IntelliPoint - c:\program files\Microsoft IntelliPoint\point32.exe
MSConfigStartUp-LDM - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
MSConfigStartUp-LogitechCameraAssistant - c:\program files\Logitech\Video\CameraAssistant.exe
MSConfigStartUp-LogitechCameraService(E) - c:\windows\system32\ElkCtrl.exe
MSConfigStartUp-LogitechSoftwareUpdate - c:\program files\Logitech\Video\ManifestEngine.exe
MSConfigStartUp-LogitechVideo[inspector] - c:\program files\Logitech\Video\InstallHelper.exe
MSConfigStartUp-meowplatformflawsize - c:\documents and settings\All Users\Application Data\internet slow meow platform\DASHWMA.exe
MSConfigStartUp-MessengerPlus3 - c:\program files\MessengerPlus! 3\MsgPlus.exe
MSConfigStartUp-NDSTray - NDSTray.exe
MSConfigStartUp-PopUpStopperFreeEdition - c:\progra~1\PANICW~1\POP-UP~1\PSFree.exe
MSConfigStartUp-SpySweeper - c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe
MSConfigStartUp-SSC_UserPrompt - c:\program files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
MSConfigStartUp-SweetIM - c:\program files\Macrogaming\SweetIM\SweetIM.exe
MSConfigStartUp-TFncKy - TFncKy.exe
MSConfigStartUp-WOOKIT - c:\progra~1\Wanadoo\Shell.exe
MSConfigStartUp-WOOTASKBARICON - c:\progra~1\Wanadoo\GestMaj.exe
MSConfigStartUp-WOOWATCH - c:\progra~1\Wanadoo\Watch.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-13 00:16
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(564)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2010-01-13 00:19:25
ComboFix-quarantined-files.txt 2010-01-12 23:19

Avant-CF: 26,011,156,480 octets libres
Après-CF: 25,879,801,856 octets libres

- - End Of File - - 9A96759CFE9EAA737387A20CD6CA6145
-
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
Hi again, no, it isn't there? -
Infected PC: nothing works anymore!
alpina d10 replied to a topic by alpina d10 in Malware analysis and removal
THE FILE, EVERYTHING WENT FINE BUT NOTHING... HERE IS THE REPORT

All processes killed
Error: Unable to interpret <Instructions:> in the current context!
========== FILES ==========
File/Folder C:\WINDOWS\system32\awtqr.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: uset
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 449930 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 255 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0.00 mb

OTM by OldTimer - Version 3.1.5.0 log created on 01122010_191737

Files moved on Reboot...

Registry entries deleted on Reboot...

AND IF IT HELPS, HERE IS A HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:12 0, on 2010-01-12
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\BJCard\Bjmcmng.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Secunia\PSI (RC4)\psi.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-3834033692-622310950-466277136-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-3834033692-622310950-466277136-1006 Startup: Secunia PSI (RC4).lnk = C:\Program Files\Secunia\PSI (RC4)\psi.exe (User '?')
O4 - Startup: Secunia PSI (RC4).lnk = C:\Program Files\Secunia\PSI (RC4)\psi.exe
O4 - Global Startup: Bootvis.lnk = C:\Documents and Settings\uset\Bureau\BootVisfr\Bootvis_Sleep.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://olivierolivierconroux.spaces.msn.co...ad/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155119580000
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{87E4CE68-A48D-47DC-8E97-9FE6ED01D490}: NameServer = 80.10.246.2,80.10.246.129
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager (Bjmcmng) - CANON INC. - C:\Program Files\Canon\BJCard\Bjmcmng.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

-- End of file - 7248 bytes

THANKS FOR EVERYTHING!!!