lolo1411

Members
  • Content count: 29

Everything posted by lolo1411

  1. Hello, OK, thanks for everything. Laurent
  2. Hi, The machine is doing well, thanks on its behalf. Below is the link to the ZHPDIAG report: http://cjoint.com/?CLgwFC9ACjZ Thanks for your help. Laurent
  3. Good evening, I did indeed have a doubt when I saw the result, and I didn't think to tick all the boxes. So, to make up for it, I ran MBAM again. The report is below. See you, Laurent
  4. Hello, And here is the MBAM result. See you, Laurent
  5. Good evening, SFTGC stays stuck on the window "Initialisation en cours - Patienter ..." So I didn't do the rest. Was I right? See you, Laurent
  6. Hi, When I ran JRT, it asked me to reboot. However, I didn't save the JRT.txt file before running AdwCleaner, so I can't find it any more (did it save it? If so, where can I find it?). Otherwise, here is the AdwCleaner report. Laurent
  7. Hi, Below is the link to the ZHPDIAG report: http://cjoint.com/?CKEpQRqOnyE Thanks for your help. Laurent
  8. Hello, My PC is very slow to start up. Hardware configuration: AMD Athlon 64x2 Dual Core 4200+ 2.20 GHz - 2 GB RAM. System: Windows XP SP3. What do you recommend? Thanks, Laurent
  9. Hello, When I log off one of the sessions on my computer, I get a strange window (with a name like 3e7) that refuses to close and so blocks Windows from shutting down. The Ctrl-Alt-Del combination has no effect and no longer gives me access to Task Manager. I posted in the Security forum and apparently everything has been cleaned, but the problem continues. Does anyone have an idea? Thanks
  10. Hi, I got rid of the mule as suggested (in fact, it wasn't installed). However, I still have strange windows (with a name like 3e5) that don't close at logoff and prevent it from completing properly. Do you have any idea? See you
  11. Hi, Below is the Kaspersky report:
      --------------------------------------------------------------------------------
      KASPERSKY ONLINE SCANNER 7 REPORT
      Thursday, January 15, 2009
      Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
      Kaspersky Online Scanner 7 version: 7.0.25.0
      Program database last update: Thursday, January 15, 2009 19:43:05
      Records in database: 1627282
      --------------------------------------------------------------------------------
      Scan settings:
      Scan using the following database: extended
      Scan archives: yes
      Scan mail databases: yes
      Scan area - My Computer: C:\ D:\ E:\ F:\ G:\ H:\
      Scan statistics:
      Files scanned: 172957
      Threat name: 1
      Infected objects: 1
      Suspicious objects: 0
      Duration of the scan: 01:42:25
      File name / Threat name / Threats count
      C:\Documents and Settings\Patricia\Bureau\instala-emule.exe  Infected: not-a-virus:FraudTool.Win32.Takedawnload.a  1
      The selected area was scanned.
      See you
  12. Good evening, Before uninstalling all the tools: I have the impression that not everything is resolved (Antivir reported an infection to me), and I had a strange window that closed when a session was being closed. What do you think? See you
  13. Hi, I carried out the updates as advised, and here is the log after running JavaRa. I'll play with my PC for a day and then confirm to you whether or not any problems remain. See you
  14. Bonsoir, Non, je ne suis pas allé sur un autre forum (je comprends que sinon tu sois agacé). Voici le rapport MBAM Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1646 Windows 5.1.2600 Service Pack 2 12/01/2009 22:34:24 mbam-log-2009-01-12 (22-34-24).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|) Eléments examinés: 286995 Temps écoulé: 1 hour(s), 56 minute(s), 32 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Documents and Settings\All Users\Application Data\live 64 math does (Trojan.Agent) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Program Files\Zylom Games\Ranch Rush Deluxe\ijl15.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\live 64 math does\live gram.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\BM5fe5bf07.txt (Trojan.Vundo) -> Quarantined and deleted successfully. 
as well as the new HijackThis log
See you
  15. Good evening, No, I don't think I was left with any risky applications back in March. During the first SDFix pass, I got a pop-up with the following message: "Le fichier ou le répertoire \found.000\file0000.chk est endommagé et illisible. Exécutes l'uitlitaire CHKDSK" On reboot, CHKDSK started on its own. Here is the SDFix report
and the new HijackThis log
See you
  16. Hello, My PC shows all the signs of a possible infection:
      - some sessions are very slow to start
      - mouse clicks work only when they feel like it
      - Windows tries to close strange windows ("39d" or others) when logging off (without always succeeding)
      I was already helped by your teams last March, so I have the Recovery Console available, if that can be useful. Finally, I am attaching the HijackThis report.
  17. I have marked it as resolved. One last question: I had a look at the security-related topics. I found a topic "Optimiser la sécurité de son PC" ("Optimizing the security of your PC") dating from 2003. Is there nothing more recent? Thanks
  18. One last question before closing this topic. Should the problem be set to Resolved status? How is that done? Thanks again
  19. I was more or less expecting that answer. In fact, I had a problem with the IE installation. I reinstalled it and it has worked since. I still followed your advice and installed Firefox. As for the Kaspersky scan, nothing was detected. A big thank you for your help. I have 2 additional questions:
      - can you give me the basic advice for not getting infected again? I have avast as antivirus. What else should I use?
      - I saw that you had me install the Recovery Console. I assume this does not exempt me from creating a system restore point.
  20. I'd be glad to, but I still cannot access the Internet. When I click on the icon, the application crashes
  21. I have Media Center. Since it was not among the choices, I took Home Edition SP2. Here is the log
      WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
      [boot loader]
      timeout=2
      default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
      [operating systems]
      multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
      C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
  22. Here are the 2 reports
USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - D:\Install.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1992ba5a-5923-11dc-9615-001372313bc5}] \Shell\AutoRun\command - I:\LaunchU3.exe -a . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-02-22 14:05:18 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Program Files\Norton Security Scan\Nss.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-14 22:50:29 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe . ************************************************************************** . Temps d'accomplissement: 2008-03-14 22:53:30 - machine was rebooted ComboFix-quarantined-files.txt 2008-03-14 21:53:26 . 
2008-03-14 21:10:48 --- E O F --- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:55:00, on 14/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\a-squared Anti-Malware\a2guard.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\stsystra.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=3061204 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.babygo.fr:8118 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Disk Panel Configuration] dpcsvc.exe O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60 O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Program Files\Corel\Print House Magic\cffrem.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... 
- {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: yayvvut - yayvvut.dll (file missing) O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. 
- C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 8876 bytes
  23. Here is the Vundofix.txt file VundoFix V7.0.3 Scan started at 22:24:49 13/03/2008 Listing files found while scanning.... C:\WINDOWS\system32\cjviwayv.dll C:\WINDOWS\system32\ghuqpqqt.dll Beginning removal... Attempting to delete C:\WINDOWS\system32\cjviwayv.dll C:\WINDOWS\system32\cjviwayv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ghuqpqqt.dll C:\WINDOWS\system32\ghuqpqqt.dll Has been deleted! Performing Repairs to the registry. Done! and the new hijackthis log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:36:07, on 13/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\a-squared Anti-Malware\a2guard.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\stsystra.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 -
HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=3061204 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.babygo.fr:8118 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Disk Panel Configuration] dpcsvc.exe O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60 O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [5cd68c9b] rundll32.exe "C:\WINDOWS\system32\rketadag.dll",b O4 - HKLM\..\Run: [bM5fe5bf07] Rundll32.exe "C:\WINDOWS\system32\estpkplv.dll",s O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] 
C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Corel Family & Friends Reminders.LNK = C:\Program Files\Corel\Print House Magic\cffrem.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} 
(HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 7565 bytes
  24. Here it is -----------------------[ Lop S&D 4.0.6 XP/Vista ]---------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : Laurent ] [ "C:\Lop SD" ] [ 13/03/2008 | 22:06:57,78 ] [ PC : MAISON ] [ MAJ : 11-03-2008 | 01:12 ] //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ -------------[ Listing des dossiers dans Application Data ]------------ [11/03/2008|07:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\$_hpcst$.hpc [01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\. [01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\.. [04/12/2006|23:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI [01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini [01/09/2005|07:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [01/09/2005|07:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [13/03/2008|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\. [13/03/2008|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.. [04/12/2006|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [16/01/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds [04/12/2006|23:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel [11/03/2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [09/12/2006|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [15/07/2007|08:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Help Test Bias File [19/01/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft [06/01/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [09/03/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [14/07/2007|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations [04/12/2006|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [15/02/2008|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear [08/03/2008|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [07/03/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [04/12/2006|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee [16/01/2007|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com [07/12/2006|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall [28/01/2008|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/11/2007|08:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [06/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\My Games [21/02/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople [31/10/2007|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania [04/02/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games [14/07/2007|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [05/01/2008|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [06/11/2007|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Runic [12/12/2007|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games [11/01/2008|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecretsOfOlympus [06/01/2007|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [14/02/2008|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games [03/03/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [01/12/2007|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio [03/01/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ViaMichelin [22/12/2006|07:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [07/03/2008|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [31/10/2007|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [09/03/2008|19:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\$_hpcst$.hpc [01/09/2005|07:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\. [01/09/2005|07:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.. [04/12/2006|23:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI [11/03/2008|22:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [01/09/2005|07:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [01/09/2005|07:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [08/01/2008|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\. [08/01/2008|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\.. 
[04/12/2006|23:54] C:\DOCUME~1\INVIT~1\APPLIC~1\ATI [01/09/2005|07:08] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini [24/12/2007|15:20] C:\DOCUME~1\INVIT~1\APPLIC~1\Google [17/01/2008|18:28] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities [08/01/2008|16:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia [03/01/2008|19:58] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft [08/01/2008|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\PlayFirst [08/01/2008|16:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Sandlot Games [17/01/2008|18:28] C:\DOCUME~1\INVIT~1\APPLIC~1\Zylom [18/01/2008|12:58] C:\DOCUME~1\INVIT~1\APPLIC~1\Zylom Games [03/01/2008|21:23] C:\DOCUME~1\Laurent\APPLIC~1\$_hpcst$.hpc [09/03/2008|19:15] C:\DOCUME~1\Laurent\APPLIC~1\. [09/03/2008|19:15] C:\DOCUME~1\Laurent\APPLIC~1\.. [09/03/2008|21:58] C:\DOCUME~1\Laurent\APPLIC~1\Adobe [22/05/2007|11:38] C:\DOCUME~1\Laurent\APPLIC~1\AdobeUM [05/11/2007|12:10] C:\DOCUME~1\Laurent\APPLIC~1\Ahead [04/12/2006|23:54] C:\DOCUME~1\Laurent\APPLIC~1\ATI [12/02/2007|22:05] C:\DOCUME~1\Laurent\APPLIC~1\Corel [01/09/2005|07:08] C:\DOCUME~1\Laurent\APPLIC~1\desktop.ini [07/12/2006|22:53] C:\DOCUME~1\Laurent\APPLIC~1\eConf [09/12/2006|20:30] C:\DOCUME~1\Laurent\APPLIC~1\Google [07/12/2006|22:29] C:\DOCUME~1\Laurent\APPLIC~1\Help [04/03/2007|13:02] C:\DOCUME~1\Laurent\APPLIC~1\HP [01/01/2008|16:09] C:\DOCUME~1\Laurent\APPLIC~1\Identities [21/12/2006|22:39] C:\DOCUME~1\Laurent\APPLIC~1\Leadertech [03/10/2007|10:20] C:\DOCUME~1\Laurent\APPLIC~1\Macromedia [07/03/2008|22:30] C:\DOCUME~1\Laurent\APPLIC~1\Malwarebytes [07/12/2006|22:06] C:\DOCUME~1\Laurent\APPLIC~1\McAfee.com Personal Firewall [09/03/2008|19:15] C:\DOCUME~1\Laurent\APPLIC~1\Microsoft [10/12/2006|20:27] C:\DOCUME~1\Laurent\APPLIC~1\Microsoft Web Folders [19/12/2006|21:41] C:\DOCUME~1\Laurent\APPLIC~1\MSNInstaller [14/07/2007|21:14] C:\DOCUME~1\Laurent\APPLIC~1\Nokia [14/07/2007|21:14] C:\DOCUME~1\Laurent\APPLIC~1\PC Suite [05/11/2007|13:22] C:\DOCUME~1\Laurent\APPLIC~1\Pegasys Inc [10/11/2007|20:39] 
C:\DOCUME~1\Laurent\APPLIC~1\PlayFirst [21/12/2006|22:39] C:\DOCUME~1\Laurent\APPLIC~1\Sonic [05/11/2007|13:42] C:\DOCUME~1\Laurent\APPLIC~1\STOIK [03/01/2007|20:22] C:\DOCUME~1\Laurent\APPLIC~1\Sun [02/09/2007|18:57] C:\DOCUME~1\Laurent\APPLIC~1\U3 [16/12/2007|15:04] C:\DOCUME~1\Laurent\APPLIC~1\Zylom [07/12/2006|22:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\. [07/12/2006|22:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\.. [07/12/2006|22:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall [01/09/2005|07:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [01/09/2005|07:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\. [01/09/2005|07:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\.. [01/09/2005|07:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [07/01/2008|13:13] C:\DOCUME~1\Patricia\APPLIC~1\$_hpcst$.hpc [10/03/2008|19:51] C:\DOCUME~1\Patricia\APPLIC~1\. [10/03/2008|19:51] C:\DOCUME~1\Patricia\APPLIC~1\.. [12/12/2006|17:30] C:\DOCUME~1\Patricia\APPLIC~1\Adobe [12/12/2006|17:30] C:\DOCUME~1\Patricia\APPLIC~1\AdobeUM [04/12/2006|23:54] C:\DOCUME~1\Patricia\APPLIC~1\ATI [30/12/2006|21:56] C:\DOCUME~1\Patricia\APPLIC~1\Corel [01/09/2005|07:08] C:\DOCUME~1\Patricia\APPLIC~1\desktop.ini [18/02/2008|08:38] C:\DOCUME~1\Patricia\APPLIC~1\Fuzzy Games [18/11/2007|16:20] C:\DOCUME~1\Patricia\APPLIC~1\Gaijin Ent [06/03/2008|19:50] C:\DOCUME~1\Patricia\APPLIC~1\gemsweeperextractedgfx [11/12/2006|09:54] C:\DOCUME~1\Patricia\APPLIC~1\Google [11/12/2006|08:58] C:\DOCUME~1\Patricia\APPLIC~1\Help [08/01/2007|20:45] C:\DOCUME~1\Patricia\APPLIC~1\HP [21/02/2008|19:28] C:\DOCUME~1\Patricia\APPLIC~1\Identities [07/01/2008|10:06] C:\DOCUME~1\Patricia\APPLIC~1\iWin [25/11/2007|16:06] C:\DOCUME~1\Patricia\APPLIC~1\Jane s Hotel [24/10/2007|10:21] C:\DOCUME~1\Patricia\APPLIC~1\Macromedia [27/12/2007|17:38] C:\DOCUME~1\Patricia\APPLIC~1\Magic Academy [08/12/2006|07:10] C:\DOCUME~1\Patricia\APPLIC~1\McAfee.com Personal Firewall [10/03/2008|19:52] C:\DOCUME~1\Patricia\APPLIC~1\Microsoft [07/11/2007|18:08] C:\DOCUME~1\Patricia\APPLIC~1\My 
Games [15/07/2007|08:21] C:\DOCUME~1\Patricia\APPLIC~1\PC Suite [07/01/2008|20:43] C:\DOCUME~1\Patricia\APPLIC~1\PlayFirst [31/10/2007|18:46] C:\DOCUME~1\Patricia\APPLIC~1\Sandlot Games [06/11/2007|08:29] C:\DOCUME~1\Patricia\APPLIC~1\STOIK [09/01/2007|19:48] C:\DOCUME~1\Patricia\APPLIC~1\Sun [07/02/2008|11:18] C:\DOCUME~1\Patricia\APPLIC~1\Super-Cow [05/12/2007|12:34] C:\DOCUME~1\Patricia\APPLIC~1\Wildfire [18/02/2008|08:38] C:\DOCUME~1\Patricia\APPLIC~1\Zylom ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]--------------- [22/02/2008 15:05][--a------] C:\WINDOWS\tasks\Norton Security Scan.job [13/03/2008 21:33][--ah-----] C:\WINDOWS\tasks\SA.DAT [10/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini ---------------[ Listing des dossiers dans C:\Program Files ]-------------- [12/03/2008|15:13] C:\Program Files\. [12/03/2008|15:13] C:\Program Files\.. [04/12/2006|23:45] C:\Program Files\Adobe [02/01/2007|21:26] C:\Program Files\Alwil Software [14/05/2007|19:11] C:\Program Files\Anniversaire [10/03/2008|21:13] C:\Program Files\a-squared Anti-Malware [04/12/2006|23:44] C:\Program Files\ATI Technologies [04/12/2006|23:51] C:\Program Files\BAE [15/06/2007|16:22] C:\Program Files\Black Sheep Studio [04/12/2006|23:45] C:\Program Files\Broadcom [16/01/2007|20:53] C:\Program Files\Calendrier [19/05/2007|15:29] C:\Program Files\Canon [07/03/2008|21:52] C:\Program Files\CCleaner [10/06/2007|09:28] C:\Program Files\ChatAndPlay [01/09/2005|07:13] C:\Program Files\ComPlus Applications [16/05/2007|09:56] C:\Program Files\Corel [04/12/2006|23:45] C:\Program Files\Dell [04/12/2006|23:51] C:\Program Files\Dell Network Assistant [14/07/2007|21:14] C:\Program Files\DIFX [16/02/2007|12:54] C:\Program Files\directx [16/02/2007|14:25] C:\Program Files\EA GAMES [16/02/2007|14:25] C:\Program Files\Electronic Arts [09/03/2008|21:38] C:\Program Files\Fichiers communs [11/05/2007|20:33] C:\Program Files\Free [09/03/2008|20:14] C:\Program Files\FreeAngel [01/09/2005|07:27] 
C:\Program Files\GemMasterFrench [01/02/2007|08:07] C:\Program Files\Google [28/06/2007|17:27] C:\Program Files\Hasbro Interactive [25/07/2007|19:25] C:\Program Files\Hewlett-Packard [25/07/2007|19:26] C:\Program Files\HP [09/03/2008|20:19] C:\Program Files\IKEA HomePlanner [09/03/2008|21:22] C:\Program Files\IncrediMail [09/03/2008|20:33] C:\Program Files\InstallShield Installation Information [04/12/2006|23:45] C:\Program Files\InterActual [11/03/2008|22:13] C:\Program Files\Internet Explorer [04/12/2006|23:40] C:\Program Files\Java [08/03/2008|23:38] C:\Program Files\Lavasoft [02/07/2007|12:12] C:\Program Files\LEGO Media [19/02/2008|13:46] C:\Program Files\Macrogaming [09/03/2008|20:23] C:\Program Files\MaCuisineLapeyre [04/12/2006|23:50] C:\Program Files\McAfee [04/12/2006|23:40] C:\Program Files\Messenger [16/01/2007|21:47] C:\Program Files\metagenia [03/01/2008|21:22] C:\Program Files\Microsoft ActiveSync [10/12/2006|20:27] C:\Program Files\microsoft frontpage [09/12/2006|20:41] C:\Program Files\Microsoft Money [10/12/2006|20:27] C:\Program Files\Microsoft Office [09/03/2008|21:16] C:\Program Files\Microsoft R‚f‚rence [04/12/2006|23:45] C:\Program Files\Microsoft Works [09/03/2008|20:44] C:\Program Files\Mindscape [09/03/2008|19:01] C:\Program Files\Movie Maker [09/03/2008|20:30] C:\Program Files\Mozilla Firefox [09/03/2008|20:30] C:\Program Files\MSN [04/02/2007|18:11] C:\Program Files\MSN Apps [09/03/2008|21:38] C:\Program Files\MSN Games [01/09/2005|07:12] C:\Program Files\MSN Gaming Zone [09/12/2006|22:09] C:\Program Files\MSXML 4.0 [01/09/2005|07:15] C:\Program Files\NetMeeting [14/07/2007|21:14] C:\Program Files\Nokia [22/02/2008|15:00] C:\Program Files\Norton Security Scan [01/09/2005|07:13] C:\Program Files\Online Services [09/03/2008|19:01] C:\Program Files\Outlook Express [14/07/2007|21:14] C:\Program Files\PC Connectivity Solution [17/03/2007|09:08] C:\Program Files\PrintKey 2000 Fr [24/02/2007|17:29] C:\Program Files\QuickTime [04/12/2006|23:47] 
C:\Program Files\Roxio [01/03/2008|12:51] C:\Program Files\Save Close Bat [10/04/2007|16:04] C:\Program Files\SdLL [01/09/2005|07:15] C:\Program Files\Services en ligne [26/11/2007|21:14] C:\Program Files\Sierra On-Line [04/12/2006|23:42] C:\Program Files\Sigmatel [04/12/2006|23:48] C:\Program Files\Sonic [08/03/2008|21:21] C:\Program Files\ToniArts [07/03/2008|21:10] C:\Program Files\Trend Micro [17/06/2007|10:40] C:\Program Files\Trust [16/12/2006|08:52] C:\Program Files\Ubi Soft [01/09/2005|07:25] C:\Program Files\Uninstall Information [03/01/2008|21:53] C:\Program Files\ViaMichelin [09/03/2008|22:06] C:\Program Files\Wanadoo [20/01/2007|19:12] C:\Program Files\Windows Media Connect 2 [11/03/2008|22:37] C:\Program Files\Windows Media Player [01/09/2005|07:12] C:\Program Files\Windows NT [01/09/2005|07:12] C:\Program Files\Windows Plus [01/09/2005|07:15] C:\Program Files\WindowsUpdate [01/09/2005|07:18] C:\Program Files\xerox [07/03/2008|21:52] C:\Program Files\Yahoo! [09/03/2008|22:07] C:\Program Files\Zylom Games ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ [09/03/2008|21:38] C:\Program Files\Fichiers communs\. [09/03/2008|21:38] C:\Program Files\Fichiers communs\.. 
[04/12/2006|23:45] C:\Program Files\Fichiers communs\Adobe [05/11/2007|13:03] C:\Program Files\Fichiers communs\Ahead [04/12/2006|23:46] C:\Program Files\Fichiers communs\Corel [10/12/2006|20:29] C:\Program Files\Fichiers communs\Designer [05/07/2007|17:03] C:\Program Files\Fichiers communs\DirectX [06/01/2007|18:15] C:\Program Files\Fichiers communs\Hewlett-Packard [25/07/2007|19:27] C:\Program Files\Fichiers communs\HP [27/12/2006|17:23] C:\Program Files\Fichiers communs\InstallShield [04/12/2006|23:39] C:\Program Files\Fichiers communs\Java [03/01/2008|21:22] C:\Program Files\Fichiers communs\Microsoft Shared [01/09/2005|07:15] C:\Program Files\Fichiers communs\MSSoap [14/07/2007|21:14] C:\Program Files\Fichiers communs\Nokia [01/09/2005|07:08] C:\Program Files\Fichiers communs\ODBC [17/06/2007|10:40] C:\Program Files\Fichiers communs\PCCamera [14/07/2007|21:14] C:\Program Files\Fichiers communs\PCSuite [04/12/2006|23:47] C:\Program Files\Fichiers communs\Roxio Shared [01/09/2005|07:15] C:\Program Files\Fichiers communs\Services [25/07/2007|19:01] C:\Program Files\Fichiers communs\Sonic Shared [01/09/2005|07:08] C:\Program Files\Fichiers communs\SpeechEngines [09/03/2008|19:01] C:\Program Files\Fichiers communs\System [02/01/2007|21:11] C:\Program Files\Fichiers communs\SystemRequirementsLab [04/12/2006|23:47] C:\Program Files\Fichiers communs\TiVo Shared [09/03/2008|20:19] C:\Program Files\Fichiers communs\Wise Installation Wizard ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- Aucun fichier / dossier Lop trouvé ! ----------------------[ Verification du Registre ]---------------------- ..... OK ! 
--------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts PROPRE ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-13 22:08:56 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- C:\WINDOWS\system32\kjkkj.ini2 ! VUNDO Possible ! /!\ [Fich:260][Doss:136] C:\DOCUME~1\Laurent\LOCALS~1\Temp /!\ [Fich:205][Doss:0] C:\DOCUME~1\Laurent\Cookies /!\ [Fich:305][Doss:4] C:\DOCUME~1\Laurent\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 22:09:06,82 ]----------------------
  25. Here is the log -----------------------[ Lop S&D 4.0.6 XP/Vista ]---------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : Administrateur ] [ "C:\Lop SD" ] [ 12/03/2008 | 19:43:23,90 ] [ PC : MAISON ] [ MAJ : 11-03-2008 | 01:12 ] -------------[ Listing des dossiers dans Application Data ]------------ [11/03/2008|07:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\$_hpcst$.hpc [01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\. [01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\.. [04/12/2006|23:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI [01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini [01/09/2005|07:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [01/09/2005|07:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [09/03/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\. [09/03/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.. [04/12/2006|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [16/01/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds [04/12/2006|23:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel [11/03/2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [09/12/2006|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [15/07/2007|08:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Help Test Bias File [19/01/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft [06/01/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [09/03/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [14/07/2007|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations [04/12/2006|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [15/02/2008|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear [08/03/2008|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [01/03/2008|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does [07/03/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [04/12/2006|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee [16/01/2007|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com [07/12/2006|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall [28/01/2008|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft 
[06/11/2007|08:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [06/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\My Games [21/02/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople [31/10/2007|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania [04/02/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games [14/07/2007|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [05/01/2008|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [06/11/2007|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Runic [12/12/2007|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games [11/01/2008|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecretsOfOlympus [06/01/2007|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [14/02/2008|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games [03/03/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [01/12/2007|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio [03/01/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ViaMichelin [22/12/2006|07:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [07/03/2008|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [31/10/2007|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [09/03/2008|19:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\$_hpcst$.hpc [01/09/2005|07:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\. [01/09/2005|07:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.. [04/12/2006|23:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI [11/03/2008|22:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [01/09/2005|07:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [01/09/2005|07:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [08/01/2008|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\. [08/01/2008|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\.. 
[04/12/2006|23:54] C:\DOCUME~1\INVIT~1\APPLIC~1\ATI [01/09/2005|07:08] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini [24/12/2007|15:20] C:\DOCUME~1\INVIT~1\APPLIC~1\Google [17/01/2008|18:28] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities [08/01/2008|16:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia [03/01/2008|19:58] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft [08/01/2008|16:45] C:\DOCUME~1\INVIT~1\APPLIC~1\PlayFirst [08/01/2008|16:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Sandlot Games [17/01/2008|18:28] C:\DOCUME~1\INVIT~1\APPLIC~1\Zylom [18/01/2008|12:58] C:\DOCUME~1\INVIT~1\APPLIC~1\Zylom Games [03/01/2008|21:23] C:\DOCUME~1\Laurent\APPLIC~1\$_hpcst$.hpc [09/03/2008|19:15] C:\DOCUME~1\Laurent\APPLIC~1\. [09/03/2008|19:15] C:\DOCUME~1\Laurent\APPLIC~1\.. [09/03/2008|21:58] C:\DOCUME~1\Laurent\APPLIC~1\Adobe [22/05/2007|11:38] C:\DOCUME~1\Laurent\APPLIC~1\AdobeUM [05/11/2007|12:10] C:\DOCUME~1\Laurent\APPLIC~1\Ahead [04/12/2006|23:54] C:\DOCUME~1\Laurent\APPLIC~1\ATI [12/02/2007|22:05] C:\DOCUME~1\Laurent\APPLIC~1\Corel [01/09/2005|07:08] C:\DOCUME~1\Laurent\APPLIC~1\desktop.ini [07/12/2006|22:53] C:\DOCUME~1\Laurent\APPLIC~1\eConf [09/12/2006|20:30] C:\DOCUME~1\Laurent\APPLIC~1\Google [07/12/2006|22:29] C:\DOCUME~1\Laurent\APPLIC~1\Help [04/03/2007|13:02] C:\DOCUME~1\Laurent\APPLIC~1\HP [01/01/2008|16:09] C:\DOCUME~1\Laurent\APPLIC~1\Identities [21/12/2006|22:39] C:\DOCUME~1\Laurent\APPLIC~1\Leadertech [03/10/2007|10:20] C:\DOCUME~1\Laurent\APPLIC~1\Macromedia [07/03/2008|22:30] C:\DOCUME~1\Laurent\APPLIC~1\Malwarebytes [07/12/2006|22:06] C:\DOCUME~1\Laurent\APPLIC~1\McAfee.com Personal Firewall [09/03/2008|19:15] C:\DOCUME~1\Laurent\APPLIC~1\Microsoft [10/12/2006|20:27] C:\DOCUME~1\Laurent\APPLIC~1\Microsoft Web Folders [19/12/2006|21:41] C:\DOCUME~1\Laurent\APPLIC~1\MSNInstaller [14/07/2007|21:14] C:\DOCUME~1\Laurent\APPLIC~1\Nokia [14/07/2007|21:14] C:\DOCUME~1\Laurent\APPLIC~1\PC Suite [05/11/2007|13:22] C:\DOCUME~1\Laurent\APPLIC~1\Pegasys Inc [10/11/2007|20:39] 
C:\DOCUME~1\Laurent\APPLIC~1\PlayFirst [21/12/2006|22:39] C:\DOCUME~1\Laurent\APPLIC~1\Sonic [05/11/2007|13:42] C:\DOCUME~1\Laurent\APPLIC~1\STOIK [03/01/2007|20:22] C:\DOCUME~1\Laurent\APPLIC~1\Sun [02/09/2007|18:57] C:\DOCUME~1\Laurent\APPLIC~1\U3 [16/12/2007|15:04] C:\DOCUME~1\Laurent\APPLIC~1\Zylom [07/12/2006|22:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\. [07/12/2006|22:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\.. [07/12/2006|22:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall [01/09/2005|07:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [01/09/2005|07:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\. [01/09/2005|07:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\.. [01/09/2005|07:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [07/01/2008|13:13] C:\DOCUME~1\Patricia\APPLIC~1\$_hpcst$.hpc [10/03/2008|19:51] C:\DOCUME~1\Patricia\APPLIC~1\. [10/03/2008|19:51] C:\DOCUME~1\Patricia\APPLIC~1\.. [12/12/2006|17:30] C:\DOCUME~1\Patricia\APPLIC~1\Adobe [12/12/2006|17:30] C:\DOCUME~1\Patricia\APPLIC~1\AdobeUM [04/12/2006|23:54] C:\DOCUME~1\Patricia\APPLIC~1\ATI [30/12/2006|21:56] C:\DOCUME~1\Patricia\APPLIC~1\Corel [01/09/2005|07:08] C:\DOCUME~1\Patricia\APPLIC~1\desktop.ini [18/02/2008|08:38] C:\DOCUME~1\Patricia\APPLIC~1\Fuzzy Games [18/11/2007|16:20] C:\DOCUME~1\Patricia\APPLIC~1\Gaijin Ent [06/03/2008|19:50] C:\DOCUME~1\Patricia\APPLIC~1\gemsweeperextractedgfx [11/12/2006|09:54] C:\DOCUME~1\Patricia\APPLIC~1\Google [11/12/2006|08:58] C:\DOCUME~1\Patricia\APPLIC~1\Help [08/01/2007|20:45] C:\DOCUME~1\Patricia\APPLIC~1\HP [21/02/2008|19:28] C:\DOCUME~1\Patricia\APPLIC~1\Identities [07/01/2008|10:06] C:\DOCUME~1\Patricia\APPLIC~1\iWin [25/11/2007|16:06] C:\DOCUME~1\Patricia\APPLIC~1\Jane s Hotel [24/10/2007|10:21] C:\DOCUME~1\Patricia\APPLIC~1\Macromedia [27/12/2007|17:38] C:\DOCUME~1\Patricia\APPLIC~1\Magic Academy [08/12/2006|07:10] C:\DOCUME~1\Patricia\APPLIC~1\McAfee.com Personal Firewall [10/03/2008|19:52] C:\DOCUME~1\Patricia\APPLIC~1\Microsoft [07/11/2007|18:08] C:\DOCUME~1\Patricia\APPLIC~1\My 
Games [15/07/2007|08:21] C:\DOCUME~1\Patricia\APPLIC~1\PC Suite [07/01/2008|20:43] C:\DOCUME~1\Patricia\APPLIC~1\PlayFirst [31/10/2007|18:46] C:\DOCUME~1\Patricia\APPLIC~1\Sandlot Games [06/11/2007|08:29] C:\DOCUME~1\Patricia\APPLIC~1\STOIK [09/01/2007|19:48] C:\DOCUME~1\Patricia\APPLIC~1\Sun [07/02/2008|11:18] C:\DOCUME~1\Patricia\APPLIC~1\Super-Cow [05/12/2007|12:34] C:\DOCUME~1\Patricia\APPLIC~1\Wildfire [18/02/2008|08:38] C:\DOCUME~1\Patricia\APPLIC~1\Zylom ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]--------------- [12/03/2008 14:00][--ah-----] C:\WINDOWS\tasks\AE23C8FE91447BCA.job [22/02/2008 15:05][--a------] C:\WINDOWS\tasks\Norton Security Scan.job [12/03/2008 19:30][--ah-----] C:\WINDOWS\tasks\SA.DAT [10/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini ---------------[ Listing des dossiers dans C:\Program Files ]-------------- [12/03/2008|15:13] C:\Program Files\. [12/03/2008|15:13] C:\Program Files\.. [04/12/2006|23:45] C:\Program Files\Adobe [02/01/2007|21:26] C:\Program Files\Alwil Software [14/05/2007|19:11] C:\Program Files\Anniversaire [10/03/2008|21:13] C:\Program Files\a-squared Anti-Malware [04/12/2006|23:44] C:\Program Files\ATI Technologies [04/12/2006|23:51] C:\Program Files\BAE [15/06/2007|16:22] C:\Program Files\Black Sheep Studio [04/12/2006|23:45] C:\Program Files\Broadcom [16/01/2007|20:53] C:\Program Files\Calendrier [19/05/2007|15:29] C:\Program Files\Canon [07/03/2008|21:52] C:\Program Files\CCleaner [10/06/2007|09:28] C:\Program Files\ChatAndPlay [01/09/2005|07:13] C:\Program Files\ComPlus Applications [16/05/2007|09:56] C:\Program Files\Corel [04/12/2006|23:45] C:\Program Files\Dell [04/12/2006|23:51] C:\Program Files\Dell Network Assistant [14/07/2007|21:14] C:\Program Files\DIFX [16/02/2007|12:54] C:\Program Files\directx [16/02/2007|14:25] C:\Program Files\EA GAMES [16/02/2007|14:25] C:\Program Files\Electronic Arts [09/03/2008|21:38] C:\Program Files\Fichiers communs [11/05/2007|20:33] C:\Program Files\Free 
[09/03/2008|20:14] C:\Program Files\FreeAngel [01/09/2005|07:27] C:\Program Files\GemMasterFrench [01/02/2007|08:07] C:\Program Files\Google [28/06/2007|17:27] C:\Program Files\Hasbro Interactive [25/07/2007|19:25] C:\Program Files\Hewlett-Packard [25/07/2007|19:26] C:\Program Files\HP [09/03/2008|20:19] C:\Program Files\IKEA HomePlanner [09/03/2008|21:22] C:\Program Files\IncrediMail [09/03/2008|20:33] C:\Program Files\InstallShield Installation Information [04/12/2006|23:45] C:\Program Files\InterActual [11/03/2008|22:13] C:\Program Files\Internet Explorer [04/12/2006|23:40] C:\Program Files\Java [08/03/2008|23:38] C:\Program Files\Lavasoft [02/07/2007|12:12] C:\Program Files\LEGO Media [19/02/2008|13:46] C:\Program Files\Macrogaming [09/03/2008|20:23] C:\Program Files\MaCuisineLapeyre [04/12/2006|23:50] C:\Program Files\McAfee [04/12/2006|23:40] C:\Program Files\Messenger [16/01/2007|21:47] C:\Program Files\metagenia [03/01/2008|21:22] C:\Program Files\Microsoft ActiveSync [10/12/2006|20:27] C:\Program Files\microsoft frontpage [09/12/2006|20:41] C:\Program Files\Microsoft Money [10/12/2006|20:27] C:\Program Files\Microsoft Office [09/03/2008|21:16] C:\Program Files\Microsoft R‚f‚rence [04/12/2006|23:45] C:\Program Files\Microsoft Works [09/03/2008|20:44] C:\Program Files\Mindscape [09/03/2008|19:01] C:\Program Files\Movie Maker [09/03/2008|20:30] C:\Program Files\Mozilla Firefox [09/03/2008|20:30] C:\Program Files\MSN [04/02/2007|18:11] C:\Program Files\MSN Apps [09/03/2008|21:38] C:\Program Files\MSN Games [01/09/2005|07:12] C:\Program Files\MSN Gaming Zone [09/12/2006|22:09] C:\Program Files\MSXML 4.0 [01/09/2005|07:15] C:\Program Files\NetMeeting [14/07/2007|21:14] C:\Program Files\Nokia [22/02/2008|15:00] C:\Program Files\Norton Security Scan [01/09/2005|07:13] C:\Program Files\Online Services [09/03/2008|19:01] C:\Program Files\Outlook Express [14/07/2007|21:14] C:\Program Files\PC Connectivity Solution [17/03/2007|09:08] C:\Program Files\PrintKey 2000 Fr 
[24/02/2007|17:29] C:\Program Files\QuickTime [04/12/2006|23:47] C:\Program Files\Roxio [01/03/2008|12:51] C:\Program Files\Save Close Bat [10/04/2007|16:04] C:\Program Files\SdLL [01/09/2005|07:15] C:\Program Files\Services en ligne [26/11/2007|21:14] C:\Program Files\Sierra On-Line [04/12/2006|23:42] C:\Program Files\Sigmatel [04/12/2006|23:48] C:\Program Files\Sonic [08/03/2008|21:21] C:\Program Files\ToniArts [07/03/2008|21:10] C:\Program Files\Trend Micro [17/06/2007|10:40] C:\Program Files\Trust [16/12/2006|08:52] C:\Program Files\Ubi Soft [01/09/2005|07:25] C:\Program Files\Uninstall Information [03/01/2008|21:53] C:\Program Files\ViaMichelin [09/03/2008|22:06] C:\Program Files\Wanadoo [20/01/2007|19:12] C:\Program Files\Windows Media Connect 2 [11/03/2008|22:37] C:\Program Files\Windows Media Player [01/09/2005|07:12] C:\Program Files\Windows NT [01/09/2005|07:12] C:\Program Files\Windows Plus [01/09/2005|07:15] C:\Program Files\WindowsUpdate [01/09/2005|07:18] C:\Program Files\xerox [07/03/2008|21:52] C:\Program Files\Yahoo! [09/03/2008|22:07] C:\Program Files\Zylom Games ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ [09/03/2008|21:38] C:\Program Files\Fichiers communs\. [09/03/2008|21:38] C:\Program Files\Fichiers communs\.. 
[04/12/2006|23:45] C:\Program Files\Fichiers communs\Adobe [05/11/2007|13:03] C:\Program Files\Fichiers communs\Ahead [04/12/2006|23:46] C:\Program Files\Fichiers communs\Corel [10/12/2006|20:29] C:\Program Files\Fichiers communs\Designer [05/07/2007|17:03] C:\Program Files\Fichiers communs\DirectX [06/01/2007|18:15] C:\Program Files\Fichiers communs\Hewlett-Packard [25/07/2007|19:27] C:\Program Files\Fichiers communs\HP [27/12/2006|17:23] C:\Program Files\Fichiers communs\InstallShield [04/12/2006|23:39] C:\Program Files\Fichiers communs\Java [03/01/2008|21:22] C:\Program Files\Fichiers communs\Microsoft Shared [01/09/2005|07:15] C:\Program Files\Fichiers communs\MSSoap [14/07/2007|21:14] C:\Program Files\Fichiers communs\Nokia [01/09/2005|07:08] C:\Program Files\Fichiers communs\ODBC [17/06/2007|10:40] C:\Program Files\Fichiers communs\PCCamera [14/07/2007|21:14] C:\Program Files\Fichiers communs\PCSuite [04/12/2006|23:47] C:\Program Files\Fichiers communs\Roxio Shared [01/09/2005|07:15] C:\Program Files\Fichiers communs\Services [25/07/2007|19:01] C:\Program Files\Fichiers communs\Sonic Shared [01/09/2005|07:08] C:\Program Files\Fichiers communs\SpeechEngines [09/03/2008|19:01] C:\Program Files\Fichiers communs\System [02/01/2007|21:11] C:\Program Files\Fichiers communs\SystemRequirementsLab [04/12/2006|23:47] C:\Program Files\Fichiers communs\TiVo Shared [09/03/2008|20:19] C:\Program Files\Fichiers communs\Wise Installation Wizard ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! 
-----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\MANAGER FIVE.exe C:\WINDOWS\Tasks\AE23C8FE91447BCA.job ----------------------[ Verification du Registre ]---------------------- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MATH DOES FIRST MODE"="C:\\Documents and Settings\\All Users\\Application Data\\live 64 math does\\MANAGER FIVE.exe" --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts MODIFIE -> 72 ( 70 ## added by CiD ) /!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-12 19:45:05 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- C:\WINDOWS\system32\kjkkj.ini2 ! VUNDO Possible ! /!\ [Fich:1][Doss:0] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp /!\ [Fich:1][Doss:0] C:\DOCUME~1\ADMINI~1\Cookies /!\ [Fich:6][Doss:4] C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 19:45:21,71 ]----------------------