flowstylz

Virus or unwanted program 'TR/Dldr.Swizzor.Gen [trojan]' detected in file 'E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP83\A0050108.exe. Virus or unwanted program 'TR/Dldr.Swizzor.Gen [trojan]' detected in file 'E:\Program Files\Circle Developement\Uninstall.exe. Action performed: Delete file Virus or unwanted program 'TR/Dldr.Swizzor.Gen [trojan]' detected in file 'E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP83\A0050108.exe. Action performed: Delete file Virus or unwanted program 'TR/Dldr.Swizzor.Gen [trojan]' detected in file 'E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP83\A0050109.exe. Action performed: Delete file Virus or unwanted program 'TR/Dldr.Swizzor.Gen [trojan]' detected in file 'E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP84\A0050208.exe. Action performed: Delete file Virus or unwanted program 'TR/Dldr.Swizzor.Gen [trojan]' detected in file 'E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP84\A0050209.exe. Action performed: Delete file comme tu vois c'est pas fini heureusement que c'est ma fête aujourd'hui! je fais quand même ce que tu m'a dit?

l'ordi marche nickel merci angélique! mais antivir à quand même dépister ça: Virus or unwanted program 'TR/Dldr.Swizzor.Gen [trojan]' detected in file 'E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP83\A0050108.exe. je l'ai virer donc y'a plus de soucis? à croire que y'a quelqu'un qui m'en veut à force! lol

ça y'est j'ai désactiver et réactiver la restauration! qu'est ce que je fais maintenant?

j'ai plus de pubs mais l'ordi est un poil lent!

coucou angélique! j'ai fait un scan ça y'est j'ai trouvé les intrus E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP32\A0014268.exe Infected: not-a-virus:FraudTool.Win32.Takedawnload.a skipped E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP45\A0022535.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP46\A0022701.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP46\A0022711.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped E:\System Volume Information\_restore{85CE1B43-63F5-469A-9D90-2B103B807E25}\RP47\A0022863.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped je te donne pas le scan en entier comme ça ça fait un gain de temps pour toi et aussi le scan et super long donc voila! qu'est ce que je dois faire? merci pour tes conseils!!

windows me bloque le téléchargement de l'active x il me dit que ça vient d'un éditeur inconnu?

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:35:09, on 30/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe E:\WINDOWS\system32\spoolsv.exe E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\Explorer.EXE E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe E:\Program Files\HP\HP Software Update\HPWuSchd2.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe E:\Program Files\Orange HSS\Systray\SystrayApp.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Free Download Manager\fdm.exe E:\WINDOWS\system32\rundll32.exe E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe E:\Program Files\Orange HSS\Launcher\Launcher.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe E:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe E:\Program Files\Orange HSS\Deskboard\deskboard.exe E:\Program Files\Orange HSS\connectivity\connectivitymanager.exe E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe E:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe E:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe E:\Program Files\Windows Live\Messenger\usnsvc.exe E:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\WINDOWS\system32\wuauclt.exe E:\Program Files\Mozilla Firefox\firefox.exe E:\Documents and Settings\florent\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - E:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [systrayORAHSS] "E:\Program Files\Orange HSS\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] E:\Program Files\Orange HSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-1614895754-343818398-725345543-1003\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://E:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?11bf5cfaaa914654ab49e924e0e22865 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?11bf5cfaaa914654ab49e924e0e22865 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.orange.fr O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.6.0_06) - O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_06) - O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS2\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - E:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe -- End of file - 12468 bytes voici mon rapport! mon disque dur est en E mais c'est tout à fait normal problèmes de clusters en mauvais état donc j'ai du changer la partition de la lettre! merci d'avance!

bonjour j'ai quelques problèmes de pubs sur mon ordi j'en ai pas énormément mais elles m'embétent un peu! j'ai fait une analyse avec antivir qui ne m'a rien trouver j'ai donc fait une analyse avec malwarebytes qui ne m'a rien trouver! j'ai donc fait une analyse avec spybot qui m'a trouver ad yieldmanager! je l'ai donc supprimer! le probléme c'est qu'il y'a encore quelques pubs qui viennent m'ennuyer! si quelqu'un pouvait m'aider? merci d'avance

Malwarebytes' Anti-Malware 1.14 Version de la base de données: 815 21:01:12 02/06/2008 mbam-log-6-2-2008 (21-01-12).txt Type de recherche: Examen complet (A:\|C:\|E:\|) Eléments examinés: 143922 Temps écoulé: 1 hour(s), 14 minute(s), 34 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) oui ça y'est c'est terminer pour les pubs merci! je veux poser une dernière question est-ce que spybot et ad-aware sont si utiles que ça?

voici mon rapport -----------------------[ Lop S&D 4.2.1-2 XP/Vista ]--------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : florent ] [ "E:\Lop SD" ] [ Selection : 3 ] [ 01/06/2008 | 22:12:49,53 ] [ PC : INTEGRA ] [ MAJ : 01-06-2008 | 15:51 ] \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION ///////////////////////////// voici mon hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:21:21, on 01/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe E:\WINDOWS\system32\spoolsv.exe E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe E:\Program Files\HP\HP Software Update\HPWuSchd2.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe E:\Program Files\Orange HSS\Systray\SystrayApp.exe E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Free Download Manager\fdm.exe E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe E:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\WINDOWS\system32\rundll32.exe E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe E:\WINDOWS\system32\wpabaln.exe E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe E:\WINDOWS\explorer.exe E:\PROGRA~1\MOZILL~1\FIREFOX.EXE E:\Documents and Settings\florent\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://em.gad-network.com/eas?camp=15339;ty=ct R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - E:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [memo site kind that] E:\Documents and Settings\All Users\Application Data\Grid Blue Memo Site\chic camp.exe O4 - HKLM\..\Run: [systrayORAHSS] "E:\Program Files\Orange HSS\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] E:\Program Files\Orange HSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [MsgCenterExe] "E:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://E:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?11bf5cfaaa914654ab49e924e0e22865 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?11bf5cfaaa914654ab49e924e0e22865 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS2\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - E:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe -- End of file - 11585 bytes voici le rapport de l'utilitaire de désinfection Supprimé! - E:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\chic camp.exe Supprimé! - E:\Program Files\Circle Developement\Uninstall.exe Supprimé! - E:\WINDOWS\Prefetch\CHIC CAMP.EXE-27FE4568.pf Supprimé! - E:\DOCUME~1\florent\Cookies\florent@adin.bigpoint[1].txt Supprimé! - E:\DOCUME~1\florent\Cookies\florent@bigpoint[1].txt Supprimé! - E:\DOCUME~1\florent\Cookies\florent@fr1.seafight.bigpoint[1].txt Supprimé! - E:\DOCUME~1\florent\Cookies\florent@banner.cotedazurpalace[2].txt Supprimé! - E:\DOCUME~1\florent\Cookies\florent@cotedazurpalace[2].txt Supprimé! - E:\DOCUME~1\florent\Cookies\florent@adopt.euroclick[2].txt Supprimé! - E:\DOCUME~1\florent\Cookies\florent@pacificpoker[1].txt Supprimé! - E:\WINDOWS\Tasks\A408CF9993834671.job Supprimé! - E:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site Supprimé! - E:\Program Files\second~1 Supprimé! - E:\Program Files\Circle Developement //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ -------------[ Listing des dossiers dans Application Data ]------------ [30/05/2008|16:42] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [29/05/2008|14:05] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [24/05/2008|02:28] E:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8 [24/05/2008|01:18] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [24/05/2008|13:48] E:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [23/05/2008|22:03] E:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [23/05/2008|20:19] E:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [24/05/2008|04:02] E:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [24/05/2008|04:02] E:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [30/05/2008|14:37] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [26/05/2008|00:02] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [25/05/2008|23:59] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [31/05/2008|23:12] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [29/05/2008|13:59] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [25/05/2008|11:58] E:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [25/05/2008|16:59] E:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [31/05/2008|02:29] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [23/05/2008|14:55] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [25/05/2008|21:53] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [25/05/2008|23:58] E:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [27/05/2008|00:06] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [25/05/2008|22:20] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [24/05/2008|03:00] E:\DOCUME~1\Cindy\APPLIC~1\Adobe [23/05/2008|20:19] E:\DOCUME~1\Cindy\APPLIC~1\desktop.ini [24/05/2008|13:13] E:\DOCUME~1\Cindy\APPLIC~1\Free Download Manager [24/05/2008|12:56] E:\DOCUME~1\Cindy\APPLIC~1\HP [24/05/2008|02:55] E:\DOCUME~1\Cindy\APPLIC~1\Identities [24/05/2008|03:00] E:\DOCUME~1\Cindy\APPLIC~1\Macromedia [24/05/2008|19:43] E:\DOCUME~1\Cindy\APPLIC~1\Microsoft [24/05/2008|02:58] E:\DOCUME~1\Cindy\APPLIC~1\Mozilla [24/05/2008|19:55] E:\DOCUME~1\Cindy\APPLIC~1\Sun [24/05/2008|02:59] E:\DOCUME~1\Cindy\APPLIC~1\Talkback [23/05/2008|20:19] E:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [23/05/2008|14:52] E:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [23/05/2008|23:35] E:\DOCUME~1\florent\APPLIC~1\Adobe [29/05/2008|17:39] E:\DOCUME~1\florent\APPLIC~1\Ahead [23/05/2008|23:39] E:\DOCUME~1\florent\APPLIC~1\CyberLink [23/05/2008|20:19] E:\DOCUME~1\florent\APPLIC~1\desktop.ini [23/05/2008|23:43] E:\DOCUME~1\florent\APPLIC~1\DivX [01/06/2008|22:12] E:\DOCUME~1\florent\APPLIC~1\Free Download Manager [24/05/2008|10:22] E:\DOCUME~1\florent\APPLIC~1\HP [23/05/2008|23:18] E:\DOCUME~1\florent\APPLIC~1\Identities [28/05/2008|17:19] E:\DOCUME~1\florent\APPLIC~1\InstallShield [23/05/2008|23:35] E:\DOCUME~1\florent\APPLIC~1\Macromedia [23/05/2008|23:43] E:\DOCUME~1\florent\APPLIC~1\Media Player Classic [30/05/2008|18:05] E:\DOCUME~1\florent\APPLIC~1\Microsoft [23/05/2008|23:19] E:\DOCUME~1\florent\APPLIC~1\Mozilla [24/05/2008|01:50] E:\DOCUME~1\florent\APPLIC~1\Real [24/05/2008|11:50] E:\DOCUME~1\florent\APPLIC~1\Sun [23/05/2008|23:19] E:\DOCUME~1\florent\APPLIC~1\Talkback [24/05/2008|00:29] E:\DOCUME~1\florent\APPLIC~1\vlc [24/05/2008|10:24] E:\DOCUME~1\florent\APPLIC~1\WinRAR [24/05/2008|13:45] E:\DOCUME~1\Kevin\APPLIC~1\Adobe [23/05/2008|20:19] E:\DOCUME~1\Kevin\APPLIC~1\desktop.ini [01/06/2008|19:26] E:\DOCUME~1\Kevin\APPLIC~1\Free Download Manager [24/05/2008|13:30] E:\DOCUME~1\Kevin\APPLIC~1\HP [24/05/2008|13:29] E:\DOCUME~1\Kevin\APPLIC~1\Identities [24/05/2008|13:45] E:\DOCUME~1\Kevin\APPLIC~1\Macromedia [29/05/2008|18:30] E:\DOCUME~1\Kevin\APPLIC~1\Microsoft [24/05/2008|13:43] E:\DOCUME~1\Kevin\APPLIC~1\Mozilla [24/05/2008|13:44] E:\DOCUME~1\Kevin\APPLIC~1\Talkback [24/05/2008|15:09] E:\DOCUME~1\Kevin\APPLIC~1\vlc [24/05/2008|04:03] E:\DOCUME~1\LOCALS~1\APPLIC~1\HP [28/05/2008|00:47] E:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [24/05/2008|02:28] E:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [23/05/2008|22:46] E:\DOCUME~1\UTILIS~1\APPLIC~1\Adobe [23/05/2008|22:03] E:\DOCUME~1\UTILIS~1\APPLIC~1\CyberLink [23/05/2008|16:40] E:\DOCUME~1\UTILIS~1\APPLIC~1\desktop.ini [23/05/2008|20:54] E:\DOCUME~1\UTILIS~1\APPLIC~1\DivX [23/05/2008|23:17] E:\DOCUME~1\UTILIS~1\APPLIC~1\Free Download Manager [24/05/2008|13:09] E:\DOCUME~1\UTILIS~1\APPLIC~1\HP [23/05/2008|18:43] E:\DOCUME~1\UTILIS~1\APPLIC~1\Identities [23/05/2008|22:46] E:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia [23/05/2008|20:54] E:\DOCUME~1\UTILIS~1\APPLIC~1\Media Player Classic [24/05/2008|02:28] E:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft [23/05/2008|22:44] E:\DOCUME~1\UTILIS~1\APPLIC~1\Mozilla [23/05/2008|15:20] E:\DOCUME~1\UTILIS~1\APPLIC~1\Nero [23/05/2008|22:50] E:\DOCUME~1\UTILIS~1\APPLIC~1\Sun [23/05/2008|22:44] E:\DOCUME~1\UTILIS~1\APPLIC~1\Talkback ----------------[ Tâches planifiées dans E:\WINDOWS\tasks ]--------------- [01/06/2008 21:35][--a------] E:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job [01/06/2008 21:50][--ah-----] E:\WINDOWS\tasks\SA.DAT [07/12/2004 03:51][-r-h-----] E:\WINDOWS\tasks\desktop.ini ---------------[ Listing des dossiers dans E:\Program Files ]-------------- [23/05/2008|15:08] E:\Program Files\Adobe [25/05/2008|11:46] E:\Program Files\AMD [29/05/2008|13:24] E:\Program Files\AskTBar [23/05/2008|18:53] E:\Program Files\AVG [24/05/2008|01:18] E:\Program Files\Avira [25/05/2008|11:42] E:\Program Files\AvRack [29/05/2008|03:11] E:\Program Files\Belkin [24/05/2008|13:46] E:\Program Files\Boonty [24/05/2008|13:47] E:\Program Files\BoontyGames [25/05/2008|22:05] E:\Program Files\CCleaner [23/05/2008|14:48] E:\Program Files\ComPlus Applications [23/05/2008|15:11] E:\Program Files\CyberLink [23/05/2008|23:45] E:\Program Files\DivX [01/06/2008|21:57] E:\Program Files\eMule [29/05/2008|16:31] E:\Program Files\Fichiers communs [23/05/2008|15:09] E:\Program Files\Free Download Manager [24/05/2008|03:57] E:\Program Files\Hewlett-Packard [24/05/2008|04:01] E:\Program Files\HP [31/05/2008|01:25] E:\Program Files\InstallShield Installation Information [26/05/2008|22:09] E:\Program Files\Internet Explorer [25/05/2008|12:44] E:\Program Files\Java [30/05/2008|14:36] E:\Program Files\Lavasoft [23/05/2008|15:12] E:\Program Files\Media Player Classic [23/05/2008|14:48] E:\Program Files\Messenger [25/05/2008|22:00] E:\Program Files\Messenger Plus! Live [23/05/2008|15:12] E:\Program Files\microsoft frontpage [23/05/2008|15:40] E:\Program Files\Microsoft Office [23/05/2008|15:40] E:\Program Files\Microsoft Visual Studio [23/05/2008|15:40] E:\Program Files\Microsoft Works [23/05/2008|15:40] E:\Program Files\Microsoft.NET [23/05/2008|20:31] E:\Program Files\Movie Maker [01/06/2008|22:06] E:\Program Files\Mozilla Firefox [23/05/2008|15:34] E:\Program Files\MSBuild [23/05/2008|20:33] E:\Program Files\msn gaming zone [26/05/2008|00:00] E:\Program Files\MSN Messenger [23/05/2008|15:04] E:\Program Files\MSXML 4.0 [23/05/2008|15:04] E:\Program Files\MSXML 6.0 [29/05/2008|13:59] E:\Program Files\Nero [23/05/2008|20:30] E:\Program Files\NetMeeting [28/05/2008|17:25] E:\Program Files\Orange HSS [23/05/2008|22:22] E:\Program Files\Outlook Express [29/05/2008|16:29] E:\Program Files\PhotoFiltre [25/05/2008|11:42] E:\Program Files\Realtek AC97 [25/05/2008|11:42] E:\Program Files\Realtek Sound Manager [23/05/2008|15:28] E:\Program Files\Reference Assemblies [28/05/2008|17:19] E:\Program Files\SAGEM [28/05/2008|17:18] E:\Program Files\Securitoo [23/05/2008|14:51] E:\Program Files\Services en ligne [23/05/2008|21:49] E:\Program Files\SIW [31/05/2008|01:35] E:\Program Files\Spybot - Search & Destroy [01/06/2008|17:27] E:\Program Files\Steam [31/05/2008|01:25] E:\Program Files\ToniArts [29/05/2008|13:24] E:\Program Files\Uninstall Ask Toolbar.dll [23/05/2008|18:43] E:\Program Files\Uninstall Information [24/05/2008|00:24] E:\Program Files\VideoLAN [25/05/2008|23:58] E:\Program Files\Windows Live [25/05/2008|21:53] E:\Program Files\Windows Live Favorites [25/05/2008|21:53] E:\Program Files\Windows Live Toolbar [23/05/2008|14:56] E:\Program Files\Windows Media Connect 2 [29/05/2008|13:42] E:\Program Files\Windows Media Player [23/05/2008|20:28] E:\Program Files\Windows NT [23/05/2008|14:51] E:\Program Files\WindowsUpdate [23/05/2008|18:41] E:\Program Files\WinRar [23/05/2008|15:12] E:\Program Files\xerox [23/05/2008|18:41] E:\Program Files\Xvid [25/05/2008|22:05] E:\Program Files\Yahoo! [28/05/2008|00:28] E:\Program Files\Zylom Games ------[ Listing des dossiers dans E:\Program Files\Fichiers communs ]------ [23/05/2008|15:08] E:\Program Files\Fichiers communs\Adobe [29/05/2008|14:03] E:\Program Files\Fichiers communs\Ahead [24/05/2008|13:47] E:\Program Files\Fichiers communs\BOONTY Shared [23/05/2008|15:40] E:\Program Files\Fichiers communs\DESIGNER [28/05/2008|17:22] E:\Program Files\Fichiers communs\France Telecom [24/05/2008|03:56] E:\Program Files\Fichiers communs\Hewlett-Packard [24/05/2008|04:01] E:\Program Files\Fichiers communs\HP [25/05/2008|11:39] E:\Program Files\Fichiers communs\InstallShield [25/05/2008|12:44] E:\Program Files\Fichiers communs\Java [25/05/2008|23:59] E:\Program Files\Fichiers communs\Microsoft Shared [23/05/2008|14:50] E:\Program Files\Fichiers communs\MSSoap [23/05/2008|21:10] E:\Program Files\Fichiers communs\Nero [23/05/2008|16:40] E:\Program Files\Fichiers communs\ODBC [24/05/2008|01:50] E:\Program Files\Fichiers communs\Real [23/05/2008|14:50] E:\Program Files\Fichiers communs\Services [23/05/2008|16:40] E:\Program Files\Fichiers communs\SpeechEngines [23/05/2008|22:22] E:\Program Files\Fichiers communs\System [25/05/2008|23:59] E:\Program Files\Fichiers communs\WindowsLiveInstaller [30/05/2008|14:35] E:\Program Files\Fichiers communs\Wise Installation Wizard ---------------------------[ Process ]-------------------------- ... 40 ... OK ! ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- Aucun fichier / dossier Lop trouvé ! ----------------------[ Verification du Registre ]---------------------- ..... OK ! --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts PROPRE ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-01 22:14:01 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- => E:\Documents and Settings\florent\.housecall6.6\Quarantine\WinRAR.v3.xx.Crack.exe.bac_a03624 [F:49][D:5]-> E:\DOCUME~1\florent\LOCALS~1\Temp [F:51][D:0]-> E:\DOCUME~1\florent\Cookies [F:1047][D:4]-> E:\DOCUME~1\florent\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 22:14:23,45 ]---------------------- oui j'avais avg avant mais il était périmé je télécharge quand même malwarebyte?

voici mon rapport -----------------------[ Lop S&D 4.2.1-2 XP/Vista ]--------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : florent ] [ "E:\Lop SD" ] [ Selection : 1 ] [ 01/06/2008 | 21:05:23,42 ] [ PC : INTEGRA ] [ MAJ : 01-06-2008 | 15:51 ] -------------[ Listing des dossiers dans Application Data ]------------ [30/05/2008|16:42] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [29/05/2008|14:05] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [24/05/2008|02:28] E:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8 [24/05/2008|01:18] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [24/05/2008|13:48] E:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [23/05/2008|22:03] E:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [23/05/2008|20:19] E:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [25/05/2008|22:01] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site [24/05/2008|04:02] E:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [24/05/2008|04:02] E:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [30/05/2008|14:37] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [26/05/2008|00:02] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [25/05/2008|23:59] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [31/05/2008|23:12] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [29/05/2008|13:59] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [25/05/2008|11:58] E:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [25/05/2008|16:59] E:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [31/05/2008|02:29] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [23/05/2008|14:55] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [25/05/2008|21:53] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [25/05/2008|23:58] E:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [27/05/2008|00:06] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [25/05/2008|22:20] E:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [24/05/2008|03:00] E:\DOCUME~1\Cindy\APPLIC~1\Adobe [23/05/2008|20:19] E:\DOCUME~1\Cindy\APPLIC~1\desktop.ini [24/05/2008|13:13] E:\DOCUME~1\Cindy\APPLIC~1\Free Download Manager [24/05/2008|12:56] E:\DOCUME~1\Cindy\APPLIC~1\HP [24/05/2008|02:55] E:\DOCUME~1\Cindy\APPLIC~1\Identities [24/05/2008|03:00] E:\DOCUME~1\Cindy\APPLIC~1\Macromedia [24/05/2008|19:43] E:\DOCUME~1\Cindy\APPLIC~1\Microsoft [24/05/2008|02:58] E:\DOCUME~1\Cindy\APPLIC~1\Mozilla [24/05/2008|19:55] E:\DOCUME~1\Cindy\APPLIC~1\Sun [24/05/2008|02:59] E:\DOCUME~1\Cindy\APPLIC~1\Talkback [23/05/2008|20:19] E:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [23/05/2008|14:52] E:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [23/05/2008|23:35] E:\DOCUME~1\florent\APPLIC~1\Adobe [29/05/2008|17:39] E:\DOCUME~1\florent\APPLIC~1\Ahead [23/05/2008|23:39] E:\DOCUME~1\florent\APPLIC~1\CyberLink [23/05/2008|20:19] E:\DOCUME~1\florent\APPLIC~1\desktop.ini [23/05/2008|23:43] E:\DOCUME~1\florent\APPLIC~1\DivX [01/06/2008|21:03] E:\DOCUME~1\florent\APPLIC~1\Free Download Manager [24/05/2008|10:22] E:\DOCUME~1\florent\APPLIC~1\HP [23/05/2008|23:18] E:\DOCUME~1\florent\APPLIC~1\Identities [28/05/2008|17:19] E:\DOCUME~1\florent\APPLIC~1\InstallShield [23/05/2008|23:35] E:\DOCUME~1\florent\APPLIC~1\Macromedia [23/05/2008|23:43] E:\DOCUME~1\florent\APPLIC~1\Media Player Classic [30/05/2008|18:05] E:\DOCUME~1\florent\APPLIC~1\Microsoft [23/05/2008|23:19] E:\DOCUME~1\florent\APPLIC~1\Mozilla [24/05/2008|01:50] E:\DOCUME~1\florent\APPLIC~1\Real [24/05/2008|11:50] E:\DOCUME~1\florent\APPLIC~1\Sun [23/05/2008|23:19] E:\DOCUME~1\florent\APPLIC~1\Talkback [24/05/2008|00:29] E:\DOCUME~1\florent\APPLIC~1\vlc [24/05/2008|10:24] E:\DOCUME~1\florent\APPLIC~1\WinRAR [24/05/2008|13:45] E:\DOCUME~1\Kevin\APPLIC~1\Adobe [23/05/2008|20:19] E:\DOCUME~1\Kevin\APPLIC~1\desktop.ini [01/06/2008|19:26] E:\DOCUME~1\Kevin\APPLIC~1\Free Download Manager [24/05/2008|13:30] E:\DOCUME~1\Kevin\APPLIC~1\HP [24/05/2008|13:29] E:\DOCUME~1\Kevin\APPLIC~1\Identities [24/05/2008|13:45] E:\DOCUME~1\Kevin\APPLIC~1\Macromedia [29/05/2008|18:30] E:\DOCUME~1\Kevin\APPLIC~1\Microsoft [24/05/2008|13:43] E:\DOCUME~1\Kevin\APPLIC~1\Mozilla [24/05/2008|13:44] E:\DOCUME~1\Kevin\APPLIC~1\Talkback [24/05/2008|15:09] E:\DOCUME~1\Kevin\APPLIC~1\vlc [24/05/2008|04:03] E:\DOCUME~1\LOCALS~1\APPLIC~1\HP [28/05/2008|00:47] E:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [24/05/2008|02:28] E:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [23/05/2008|22:46] E:\DOCUME~1\UTILIS~1\APPLIC~1\Adobe [23/05/2008|22:03] E:\DOCUME~1\UTILIS~1\APPLIC~1\CyberLink [23/05/2008|16:40] E:\DOCUME~1\UTILIS~1\APPLIC~1\desktop.ini [23/05/2008|20:54] E:\DOCUME~1\UTILIS~1\APPLIC~1\DivX [23/05/2008|23:17] E:\DOCUME~1\UTILIS~1\APPLIC~1\Free Download Manager [24/05/2008|13:09] E:\DOCUME~1\UTILIS~1\APPLIC~1\HP [23/05/2008|18:43] E:\DOCUME~1\UTILIS~1\APPLIC~1\Identities [23/05/2008|22:46] E:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia [23/05/2008|20:54] E:\DOCUME~1\UTILIS~1\APPLIC~1\Media Player Classic [24/05/2008|02:28] E:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft [23/05/2008|22:44] E:\DOCUME~1\UTILIS~1\APPLIC~1\Mozilla [23/05/2008|15:20] E:\DOCUME~1\UTILIS~1\APPLIC~1\Nero [23/05/2008|22:50] E:\DOCUME~1\UTILIS~1\APPLIC~1\Sun [23/05/2008|22:44] E:\DOCUME~1\UTILIS~1\APPLIC~1\Talkback ----------------[ Tâches planifiées dans E:\WINDOWS\tasks ]--------------- [01/06/2008 21:00][--ah-----] E:\WINDOWS\tasks\A408CF9993834671.job [01/06/2008 20:35][--a------] E:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job [01/06/2008 12:10][--ah-----] E:\WINDOWS\tasks\SA.DAT [07/12/2004 03:51][-r-h-----] E:\WINDOWS\tasks\desktop.ini A408CF9993834671.job <--> e:\docume~1\cindy_2\applic~1\second~1\ActiveLoadUser.exe ---------------[ Listing des dossiers dans E:\Program Files ]-------------- [23/05/2008|15:08] E:\Program Files\Adobe [25/05/2008|11:46] E:\Program Files\AMD [29/05/2008|13:24] E:\Program Files\AskTBar [23/05/2008|18:53] E:\Program Files\AVG [24/05/2008|01:18] E:\Program Files\Avira [25/05/2008|11:42] E:\Program Files\AvRack [29/05/2008|03:11] E:\Program Files\Belkin [24/05/2008|13:46] E:\Program Files\Boonty [24/05/2008|13:47] E:\Program Files\BoontyGames [25/05/2008|22:05] E:\Program Files\CCleaner [25/05/2008|22:00] E:\Program Files\Circle Developement [23/05/2008|14:48] E:\Program Files\ComPlus Applications [23/05/2008|15:11] E:\Program Files\CyberLink [23/05/2008|23:45] E:\Program Files\DivX [01/06/2008|18:26] E:\Program Files\eMule [29/05/2008|16:31] E:\Program Files\Fichiers communs [23/05/2008|15:09] E:\Program Files\Free Download Manager [24/05/2008|03:57] E:\Program Files\Hewlett-Packard [24/05/2008|04:01] E:\Program Files\HP [31/05/2008|01:25] E:\Program Files\InstallShield Installation Information [26/05/2008|22:09] E:\Program Files\Internet Explorer [25/05/2008|12:44] E:\Program Files\Java [30/05/2008|14:36] E:\Program Files\Lavasoft [23/05/2008|15:12] E:\Program Files\Media Player Classic [23/05/2008|14:48] E:\Program Files\Messenger [25/05/2008|22:00] E:\Program Files\Messenger Plus! Live [23/05/2008|15:12] E:\Program Files\microsoft frontpage [23/05/2008|15:40] E:\Program Files\Microsoft Office [23/05/2008|15:40] E:\Program Files\Microsoft Visual Studio [23/05/2008|15:40] E:\Program Files\Microsoft Works [23/05/2008|15:40] E:\Program Files\Microsoft.NET [23/05/2008|20:31] E:\Program Files\Movie Maker [01/06/2008|21:01] E:\Program Files\Mozilla Firefox [23/05/2008|15:34] E:\Program Files\MSBuild [23/05/2008|20:33] E:\Program Files\msn gaming zone [26/05/2008|00:00] E:\Program Files\MSN Messenger [23/05/2008|15:04] E:\Program Files\MSXML 4.0 [23/05/2008|15:04] E:\Program Files\MSXML 6.0 [29/05/2008|13:59] E:\Program Files\Nero [23/05/2008|20:30] E:\Program Files\NetMeeting [28/05/2008|17:25] E:\Program Files\Orange HSS [23/05/2008|22:22] E:\Program Files\Outlook Express [29/05/2008|16:29] E:\Program Files\PhotoFiltre [25/05/2008|11:42] E:\Program Files\Realtek AC97 [25/05/2008|11:42] E:\Program Files\Realtek Sound Manager [23/05/2008|15:28] E:\Program Files\Reference Assemblies [28/05/2008|17:19] E:\Program Files\SAGEM [25/05/2008|22:01] E:\Program Files\seconddoesboob [28/05/2008|17:18] E:\Program Files\Securitoo [23/05/2008|14:51] E:\Program Files\Services en ligne [23/05/2008|21:49] E:\Program Files\SIW [31/05/2008|01:35] E:\Program Files\Spybot - Search & Destroy [01/06/2008|17:27] E:\Program Files\Steam [31/05/2008|01:25] E:\Program Files\ToniArts [23/05/2008|18:43] E:\Program Files\Uninstall Information [24/05/2008|00:24] E:\Program Files\VideoLAN [25/05/2008|23:58] E:\Program Files\Windows Live [25/05/2008|21:53] E:\Program Files\Windows Live Favorites [25/05/2008|21:53] E:\Program Files\Windows Live Toolbar [23/05/2008|14:56] E:\Program Files\Windows Media Connect 2 [29/05/2008|13:42] E:\Program Files\Windows Media Player [23/05/2008|20:28] E:\Program Files\Windows NT [23/05/2008|14:51] E:\Program Files\WindowsUpdate [23/05/2008|18:41] E:\Program Files\WinRar [23/05/2008|15:12] E:\Program Files\xerox [23/05/2008|18:41] E:\Program Files\Xvid [25/05/2008|22:05] E:\Program Files\Yahoo! [28/05/2008|00:28] E:\Program Files\Zylom Games ------[ Listing des dossiers dans E:\Program Files\Fichiers communs ]------ [23/05/2008|15:08] E:\Program Files\Fichiers communs\Adobe [29/05/2008|14:03] E:\Program Files\Fichiers communs\Ahead [24/05/2008|13:47] E:\Program Files\Fichiers communs\BOONTY Shared [23/05/2008|15:40] E:\Program Files\Fichiers communs\DESIGNER [28/05/2008|17:22] E:\Program Files\Fichiers communs\France Telecom [24/05/2008|03:56] E:\Program Files\Fichiers communs\Hewlett-Packard [24/05/2008|04:01] E:\Program Files\Fichiers communs\HP [25/05/2008|11:39] E:\Program Files\Fichiers communs\InstallShield [25/05/2008|12:44] E:\Program Files\Fichiers communs\Java [25/05/2008|23:59] E:\Program Files\Fichiers communs\Microsoft Shared [23/05/2008|14:50] E:\Program Files\Fichiers communs\MSSoap [23/05/2008|21:10] E:\Program Files\Fichiers communs\Nero [23/05/2008|16:40] E:\Program Files\Fichiers communs\ODBC [24/05/2008|01:50] E:\Program Files\Fichiers communs\Real [23/05/2008|14:50] E:\Program Files\Fichiers communs\Services [23/05/2008|16:40] E:\Program Files\Fichiers communs\SpeechEngines [23/05/2008|22:22] E:\Program Files\Fichiers communs\System [25/05/2008|23:59] E:\Program Files\Fichiers communs\WindowsLiveInstaller [30/05/2008|14:35] E:\Program Files\Fichiers communs\Wise Installation Wizard ---------------------------[ Process ]-------------------------- ... 52 iexplore.exe ~ [5268] ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- E:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site E:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\chic camp.exe E:\Program Files\second~1 E:\Program Files\Circle Developement E:\Program Files\Circle Developement\Uninstall.exe E:\WINDOWS\Prefetch\CHIC CAMP.EXE-27FE4568.pf E:\DOCUME~1\florent\Cookies\florent@adin.bigpoint[1].txt E:\DOCUME~1\florent\Cookies\florent@bigpoint[1].txt E:\DOCUME~1\florent\Cookies\florent@fr1.seafight.bigpoint[1].txt E:\DOCUME~1\florent\Cookies\florent@banner.cotedazurpalace[2].txt E:\DOCUME~1\florent\Cookies\florent@cotedazurpalace[2].txt E:\DOCUME~1\florent\Cookies\florent@adopt.euroclick[2].txt E:\DOCUME~1\florent\Cookies\florent@pacificpoker[1].txt E:\DOCUME~1\florent\Cookies\florent@fr1.seafight.bigpoint[1].txt E:\WINDOWS\Tasks\A408CF9993834671.job ----------------------[ Verification du Registre ]---------------------- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "memo site kind that"="E:\\Documents and Settings\\All Users\\Application Data\\Grid Blue Memo Site\\chic camp.exe" --------------------[ Verification du fichier Hosts ]--------------------- Fichier Hosts PROPRE ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-01 21:06:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- => E:\Documents and Settings\florent\.housecall6.6\Quarantine\WinRAR.v3.xx.Crack.exe.bac_a03624 [F:50][D:5]-> E:\DOCUME~1\florent\LOCALS~1\Temp [F:58][D:0]-> E:\DOCUME~1\florent\Cookies [F:1048][D:4]-> E:\DOCUME~1\florent\LOCALS~1\TEMPOR~1\content.IE5 --------------------[ Fin du rapport a 21:07:02,50 ]---------------------- merci d'avance!!

je me suis aperçu que des pubs venait squatter mon ordi lorsque je me connecte à internet! j'ai fais deux scans avec ad-aware et spybot ça m'a trouvé un malwares et des adwares j'ai fait un scan en ligne avec trend micro qui m'a trouvé des choses j'ai donc tout virer! le problème c'est que des pubs continue quand même à venir sur l'ordi! je vous donne donc mon hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:18:55, on 01/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe E:\WINDOWS\system32\spoolsv.exe E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe E:\Program Files\Windows Live\Messenger\usnsvc.exe E:\WINDOWS\Explorer.EXE E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe E:\Program Files\HP\HP Software Update\HPWuSchd2.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe E:\Program Files\Orange HSS\Systray\SystrayApp.exe E:\WINDOWS\system32\rundll32.exe E:\Program Files\Internet Explorer\IEXPLORE.EXE E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Free Download Manager\fdm.exe E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe E:\Program Files\Orange HSS\Launcher\Launcher.exe E:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe E:\Program Files\Orange HSS\Deskboard\deskboard.exe E:\Program Files\Orange HSS\connectivity\connectivitymanager.exe E:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe E:\WINDOWS\system32\wpabaln.exe E:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe E:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe E:\Documents and Settings\florent\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://em.gad-network.com/eas?camp=15339;ty=ct R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - E:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - E:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - E:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [memo site kind that] E:\Documents and Settings\All Users\Application Data\Grid Blue Memo Site\chic camp.exe O4 - HKLM\..\Run: [systrayORAHSS] "E:\Program Files\Orange HSS\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] E:\Program Files\Orange HSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [MsgCenterExe] "E:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://E:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?11bf5cfaaa914654ab49e924e0e22865 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?11bf5cfaaa914654ab49e924e0e22865 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.orange.fr O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS2\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - E:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - E:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe -- End of file - 12521 bytes si quelqu'un pouvait m'aider ce serait très aimable! merci d'avance pour vos précieux conseils!!

BTFix 1.090 (par bibi26) - 24/03/2008 17:10:42 - Nettoyage - Mode normal Lancé depuis C:\Documents and Settings\florent\Bureau\BTFix\BTFix\BTFix.exe ---> Fichiers/dossiers supprimés (Première passe) - Fichiers temporaires effacés - C:\Program Files\AskTBar\bar\1.bin\ - C:\Program Files\AskTBar\bar\3.bin\ - C:\Program Files\AskTBar\bar\Cache\ - C:\Program Files\AskTBar\bar\History\ - C:\Program Files\AskTBar\bar\Settings\ - C:\Program Files\AskTBar\bar\ - C:\Program Files\AskTBar\PopSwatr\History\ - C:\Program Files\AskTBar\PopSwatr\ - C:\Program Files\AskTBar\SrchAstt\1.bin\ - C:\Program Files\AskTBar\SrchAstt\3.bin\ - C:\Program Files\AskTBar\SrchAstt\ - C:\Program Files\AskTBar\ ---> Nettoyage terminé

BTFix 1.090 (par bibi26) - 24/03/2008 17:07:32 - Analyse Lancé depuis C:\Documents and Settings\florent\Bureau\BTFix\BTFix\BTFix.exe ---> Fichiers/Dossiers trouvés - C:\Program Files\AskTBar\ ---> Analyse terminée

je me suis chopé zlob.downloader! j'ai essayé de le supprimer avec mon antivirus je n'y suis pas arrivé! enfin bref j'ai arrivé à tout virer avec spybot! sauf le malware win32 BHO.je donc voila si quelqu'un pouvait m'aider ce serai sympa! voici mon rapport hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:47:12, on 24/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Orange HSS\Systray\SystrayApp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: (no name) - {6860A44B-5D3E-433D-A7B5-D517F810D0E7} - C:\Program Files\NetProject\sbmdl.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: e404 helper - {DF47DD37-AC11-4A93-8E16-2B2364AF0897} - (no file) O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: (no name) - {C5C1C68B-79A3-461B-BF41-410CF67FABB4} - (no file) O3 - Toolbar: Internet Service - {DB9FBA9D-AB1B-4CC6-9745-F3B549D64E40} - C:\Program Files\NetProject\wamdl.dll (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [systrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: http://www.orange.fr O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199414060562 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Br...018/flashax.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{13FA503D-5D0E-4322-810B-C20C322EE84E}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{13FA503D-5D0E-4322-810B-C20C322EE84E}: NameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{13FA503D-5D0E-4322-810B-C20C322EE84E}: NameServer = 192.168.1.1 O22 - SharedTaskScheduler: figpecker - {7d7bd0c4-4913-4933-b870-7388a7bffb82} - C:\WINDOWS\system32\lvhjtsa.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 11974 bytes merci d'avance!!