novice42

Members
  • Content count

    100

Everything posted by novice42

  1. novice42

    ASUS Eee PC no longer turns on.

    Hello, yes, I already tried with another screen, and my screen is completely black. Thanks again.
  2. novice42

    ASUS Eee PC no longer turns on.

    Good evening, sorry for only replying now. It is still the same: my computer starts but the screen still does not come on. I tried with the Fn key but nothing more. I have the Linux software, which I tried to put on a USB stick, but still no result. Thanks again for your help.
  3. Hello, first of all, thank you for being here to help someone as ignorant about computers as me. Let me explain my problem. I have an ASUS Eee PC 4G that runs Linux. Following a BIOS update through Linux, my PC shows a black screen at startup; only 2 LEDs light up, a green one for power and a blue one for Wi-Fi. I have already read a lot and tried quite a few tips found on the net. I tried all the keys at startup (F2, F1, F10, F9, Esc, Ctrl+Alt+Del); nothing appears. I also tried the reset button on the back of the computer, as well as a USB stick to restart the machine. Nothing works. Do you have any solutions for me and my PC? Thanks in advance.
  4. Well, listen, this time it found nothing; I must have removed everything during the first scan. Thanks for the help. Here is the report, just in case. Thanks again...
  5. Hello, here we go again: more viruses or trojans on my laptop. AntiVir reports TR/Trassh.gen and another antivirus reports lots of things. I am sending you a HijackThis report. Thanks for your help.
  6. Hello, I have formatted my PC. Would it be possible to tell me what I can remove from startup that is useless and slows down my PC? Here is a report.
  7. Good evening, here is yet another report, which tells me I am infected, HI. Anyway, thanks a lot.
  8. Hello, here is my final report, but it tells me I am still infected. Anyway, if you tell me everything is fine, OK.
  9. Hello, here is the report. I am in the middle of doing everything you told me. Once I have done it all, do you want a new Panda ActiveScan report? Thanks for your invaluable help...
  10. Here is a new report, from Panda. Afterwards, remove all the software that is of no use to me and optimize my startup, and yes, I know what it corresponds to; I would also like to delete it. But am I still infected? Thanks for your help.
  11. There, it is in progress. Could you tell me all the software I can remove? Here is a report.
And here is the antivirus report.
  12. Good evening, I managed to get Internet Explorer back thanks to Safari, which I have because of my iPod; in short, I re-downloaded Internet Explorer. Which report do you want now? THANKS for your help.
  13. Good evening, as for the internet, nothing works. Here is the report. There, I hope I did everything correctly... thanks for your help.
  14. Here are the 2 reports given by the software.
pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB938464) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Motorola Phone Tools Motorola Phone Tools MSN Messenger 7.0 MSN Toolbar MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) NVIDIA nForce Drivers NVIDIA Windows 2000/XP Display Drivers overland Package de base Microsoft de service de chiffrement pour cartes à puce PCI 1620 Cardbus Controller and Software Photo et imagerie HP 2.0 - All-in-One Photo et imagerie HP 2.0 - All-in-One Pilote Photo et imagerie HP 2.0 - hp psc 1200 series PhotoFiltre Studio PhotoGallery Photosmart 140,240,7200,7600,7700,7900 Series Picasa 2 Prefixes Professional GP300/GM300 Series CPS (D03.02.01_EN) Project IGI PSShortcutsP QFolder Quick Launch Buttons 5.00 B3 
QuickProjects QuickTime RealPlayer Basic Realtek RTL8139/810x Fast Ethernet NIC Driver Setup RecordNow! Safari SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile USB Modem ^^ SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio Samsung PC Studio Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) SkinsHP1 SkinsHP2 Sonic Update Manager SoundMAX Spybot - Search & Destroy Spyware Terminator SpywareBlaster 4.1 Tcl/Tk 8.3.2 for Windows TI1620/1520 TrayApp TRS2006 Viewpoint Media Player WebFldrs XP WebReg Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Live installer Windows Live Messenger Windows Media Encoder 9 Series Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 64C8-5D6F Répertoire de C:\Program Files 20/09/2008 18:28 <REP> . 20/09/2008 18:28 <REP> .. 
15/03/2006 18:12 <REP> Adobe 13/01/2005 15:37 <REP> AMD 13/01/2005 15:33 <REP> Analog Devices 02/07/2008 14:33 <REP> AntivirusFirewall 17/05/2008 16:02 <REP> Anuman Interactive 24/04/2008 08:52 <REP> Apoint2K 28/08/2008 12:45 <REP> Apple Software Update 31/05/2008 14:25 <REP> ArcSoft 02/07/2008 13:52 <REP> Ascentive 27/06/2008 10:20 <REP> Auslogics 13/08/2008 15:06 <REP> Avanquest update 02/07/2008 16:04 <REP> Avira 24/11/2006 14:26 <REP> BG Zip 2002 28/08/2008 12:34 <REP> Bonjour 06/01/2007 14:10 <REP> Borland 02/07/2008 15:32 <REP> CA 30/06/2008 20:46 <REP> Capturino 1.4 29/08/2008 08:41 <REP> CCleaner 11/11/2007 17:40 <REP> CodeStuff 27/06/2008 09:36 <REP> Common Files 24/04/2008 12:32 <REP> Datel 13/12/2006 21:01 <REP> DID 12/09/2007 20:23 <REP> DIFX 11/09/2008 22:03 <REP> eMule 28/01/2007 12:23 <REP> eoRezo 17/09/2008 18:51 <REP> Fichiers communs 02/07/2008 09:16 <REP> FlasKMPEG_594h 08/09/2008 13:30 <REP> Google 13/01/2006 21:03 <REP> Hewlett-Packard 18/10/2007 22:39 <REP> HP 18/10/2007 22:39 <REP> HPQ 05/12/2005 19:55 <REP> InterActual 20/09/2008 10:40 <REP> Internet Explorer 16/09/2008 09:55 <REP> internetmeet 28/08/2008 12:38 <REP> iPod 28/08/2008 12:38 <REP> iTunes 28/07/2008 21:32 <REP> Java 20/08/2007 09:41 <REP> K-Lite Codec Pack 30/05/2008 21:30 <REP> Lavasoft 14/01/2005 15:16 <REP> Learn2.com 20/12/2006 21:20 <REP> LizardTech 27/06/2008 09:45 <REP> Logitech 20/09/2008 18:29 <REP> Malwarebytes' Anti-Malware 26/12/2007 10:49 <REP> Maxtor 14/08/2008 22:57 <REP> Messenger 20/09/2008 09:08 <REP> Messenger Plus! 
Live 12/05/2008 21:15 <REP> Microsoft Baseline Security Analyzer 2 26/04/2008 13:33 <REP> Microsoft CAPICOM 2.1.0.2 13/01/2005 15:19 <REP> microsoft frontpage 25/12/2006 15:14 <REP> Microsoft Games 03/01/2006 22:50 <REP> Microsoft Office 18/02/2005 13:09 <REP> Microsoft Works 15/12/2006 14:23 <REP> Mindscape 20/08/2008 16:56 <REP> Mio Technology 22/08/2008 15:05 <REP> Motorola 13/08/2008 15:06 <REP> Motorola Phone Tools 15/05/2008 09:47 <REP> Movie Maker 13/01/2005 15:12 <REP> MSN 29/11/2006 17:36 <REP> MSN Apps 13/01/2005 15:12 <REP> MSN Gaming Zone 20/09/2008 09:04 <REP> MSN Messenger 26/12/2007 10:48 <REP> MSXML 6.0 15/05/2008 09:42 <REP> NetMeeting 28/06/2008 13:29 <REP> Norton Internet Security 14/02/2007 20:01 <REP> Online Services 15/05/2008 09:42 <REP> Outlook Express 13/01/2006 23:22 <REP> Overland 28/07/2008 21:34 <REP> Panda Security 08/09/2008 13:16 <REP> PhotoFiltre Studio 08/09/2008 13:31 <REP> Picasa2 10/07/2008 14:02 <REP> Proxomitron Naoko v4.5 28/08/2008 12:34 <REP> QuickTime 14/01/2005 15:15 <REP> Real 13/01/2005 15:51 <REP> RecordNow! 07/06/2008 17:10 <REP> Registry Easy 18/10/2007 21:54 <REP> Research In Motion 28/08/2008 12:17 <REP> Safari 13/09/2007 20:35 <REP> Samsung 01/09/2007 10:56 <REP> Securitoo 13/01/2005 15:16 <REP> Services en ligne 13/01/2005 15:51 <REP> Sonic 28/07/2008 22:44 <REP> Spybot - Search & Destroy 19/09/2008 05:56 <REP> Spyware Terminator 28/07/2008 22:33 <REP> SpywareBlaster 24/04/2008 12:32 <REP> SRBR_LMR 26/01/2005 18:12 <REP> Tcl 20/09/2007 21:44 <REP> Toshiba 19/09/2008 18:57 <REP> Trend Micro 28/12/2005 22:42 <REP> ubi.com 07/01/2007 12:41 <REP> WIDCOMM 18/09/2008 23:04 <REP> WinClamAVShield 02/03/2008 20:23 <REP> Windows Live 13/01/2008 15:22 <REP> Windows Media Components 03/08/2007 13:10 <REP> Windows Media Connect 2 15/05/2008 10:07 <REP> Windows Media Player 15/05/2008 09:42 <REP> Windows NT 30/06/2008 13:50 <REP> WinRAR 24/11/2006 10:11 <REP> WinZip 13/01/2005 15:19 <REP> xerox 30/08/2008 12:30 <REP> Yahoo! 
17/07/2008 19:02 <REP> Zone Labs 0 fichier(s) 0 octets 103 Rép(s) 6 514 892 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 64C8-5D6F Répertoire de C:\Program Files\fichiers communs 17/09/2008 18:51 <REP> . 17/09/2008 18:51 <REP> .. 28/07/2008 22:05 <REP> Adobe 01/09/2007 10:44 <REP> AOL 14/01/2005 15:16 <REP> aolback 01/09/2007 10:41 <REP> aolshare 03/09/2007 12:00 <REP> Apple 13/01/2005 16:05 <REP> Hewlett-Packard 13/01/2005 16:00 <REP> HP 13/01/2005 15:37 <REP> InstallShield 28/07/2008 21:30 <REP> Java 13/01/2008 15:24 <REP> Logitech 13/08/2008 15:04 <REP> Microsoft Shared 13/01/2005 15:15 <REP> MSSoap 14/01/2005 15:15 <REP> Nullsoft 23/12/2005 17:58 <REP> PocketSoft 27/06/2008 09:37 <REP> Pumatech Shared 14/01/2005 15:15 <REP> Real 27/06/2008 09:35 <REP> Research In Motion 14/12/2005 15:39 <REP> Scanner 13/01/2005 15:15 <REP> Services 13/01/2005 15:52 <REP> Sonic 14/01/2005 00:31 <REP> SpeechEngines 13/01/2005 15:51 <REP> SureThing Shared 28/06/2008 18:20 <REP> Symantec Shared 15/05/2008 09:41 <REP> System 08/06/2008 15:16 <REP> Teleca Shared 0 fichier(s) 0 octets 27 Rép(s) 6 514 892 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 64C8-5D6F Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 13/01/2005 15:28 <REP> . 13/01/2005 15:28 <REP> .. 18/05/2001 16:57 561 209 MSONSEXT.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 3 fichier(s) 811 179 octets 2 Rép(s) 6 514 892 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 64C8-5D6F Répertoire de C:\Program Files\common files 27/06/2008 09:36 <REP> . 27/06/2008 09:36 <REP> .. 28/06/2008 13:39 <REP> Pumatech Shared 25/12/2006 12:00 <REP> Scanner 0 fichier(s) 0 octets 4 Rép(s) 6 514 892 800 octets libres Le volume dans le lecteur C n'a pas de nom. 
Le numéro de série du volume est 64C8-5D6F Répertoire de C:\ 25/03/2002 09:52 644 976 BootVis.exe 24/05/2001 13:59 162 304 UNWISE.EXE 2 fichier(s) 807 280 octets 0 Rép(s) 6 514 892 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 64C8-5D6F Répertoire de C:\ c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\PPClean.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\afixinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\afixlang.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\afixlang_fr.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\alsetup.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\CCUInst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\cculang.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\cculang_fr.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\iphinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\muinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\ocpinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\postproc.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\setup.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\sminstlp.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\sminstlp_fr.exe c:\Documents and Settings\All 
Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\stmninst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\tbsetup.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\waol-fr-0.4327.47.1.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\acs\acssetup.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\afix\afixinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\afix\afixlang.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\afix\afixlang_fr.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\afix\WinsockFix.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\afix\wsfinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\aolload\alsetup.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\flash\flash9ex.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\muinst\muinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\ocp\ocpgc.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\ocp\ocpinst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\parcon\AOLParconLink.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\sm\sminstlp.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\sm\stmninst.exe c:\Documents and 
Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\sysinfo\SinfInst.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\tb\tbsetup.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\toolbar\toolbar.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\tpspd\wbsetup.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\vwpt\VPPrePop.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\vwpt\Vwpt.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer\Installer Cache\iTunes 7.7.1.11\SetupAdmin.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\EmailNotifier\EmailNotifier.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\nokia_pc_suite_6_84_10_3_fre_web.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\Megaupload\Megauper.exe c:\Documents and Settings\All Users.WINDOWS\Application Data\Spyware Terminator\sp_rsdel.exe c:\Documents and Settings\All Users.WINDOWS\Bureau\Kaspersky Lab Tool1\minst.exe c:\Documents and Settings\All Users.WINDOWS\Bureau\Kaspersky Lab Tool1\setup_7.0.0.180_24.04.2008_22-25.exe c:\Documents and Settings\All Users.WINDOWS\Bureau\Kaspersky Lab 
Tool1\unins000.exe c:\Documents and Settings\Josselin\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_fr_FR.exe c:\Documents and Settings\Josselin\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\Josselin\Application Data\Microsoft\Installer\{370C2797-8D14-4A13-BED1-0F417B7C0680}\_16496df1.exe c:\Documents and Settings\Josselin\Application Data\Microsoft\Installer\{370C2797-8D14-4A13-BED1-0F417B7C0680}\_2cd672ae.exe c:\Documents and Settings\Josselin\Application Data\Microsoft\Installer\{370C2797-8D14-4A13-BED1-0F417B7C0680}\_69525f90.exe c:\Documents and Settings\Josselin\Application Data\ubi.com\Core\cabarc.exe c:\Documents and Settings\Josselin\Application Data\ubi.com\Core\GLPatcher2.exe c:\Documents and Settings\Josselin\Bureau\ewido_micro.exe c:\Documents and Settings\Josselin\Bureau\HJTInstall.exe c:\Documents and Settings\Josselin\Bureau\LopSD.exe c:\Documents and Settings\Josselin\Bureau\mbam-setup.exe c:\Documents and Settings\Josselin\Bureau\SpywareTerminatorSetup.exe c:\Documents and Settings\Josselin\Bureau\windows-kb890830-v2.2.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\gzip.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\md5sums.exe 
c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\sigcheck.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\Josselin\Bureau\DiagHelp\DiagHelp\tar.exe c:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\P2K_Easy_Tool_v39.exe c:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\setup_7.0.0.180_24.04.2008_22-25.exe c:\Documents and Settings\Josselin\Local Settings\Temp\MsgPlusUninstall.exe c:\Documents and Settings\Josselin\Local Settings\Temporary Internet Files\Content.IE5\SHYORFTP\MsgPlusLive-470[1].exe c:\Documents and Settings\Josselin\Mes documents\Nouveau dossier\RUNDLL32.EXE-2A0169F6 a c:\Documents and Settings\Josselin\Mes documents\VISAR\gp900\RUNTIME.EXE c:\Documents and Settings\Josselin\Mes documents\Wookie\INSTALL.EXE c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\CCNdInst.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\gui.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\instph.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\instSup.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\ocfcheck.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\ocpchk.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\ProgUpd.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite_fr_1.1.17.1\tbinst.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\afix\ocfcheck.dll c:\Documents and Settings\All 
Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\afix\wsfixchk.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\ocp\instSup.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\ocp\ocpchk.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\sysinfo\SiNdInst.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\tb\tbinst.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\toolbar\aoltbchk.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\tpspd\Dacldll.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\tpspd\tsverchk.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\AOL Downloads\waol_fr\0.4327.47.1\comps\vwpt\AOLVPChk.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir 
PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\EmailNotifier\EmailNotifierAPI.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Josselin\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\Josselin\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\Josselin\Application Data\ubi.com\Core\artpclnt.dll c:\Documents and Settings\Josselin\Application Data\ubi.com\Core\Patchw32.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_JOSSELIN-703236.tar.gz a l'adresse http://upload.malekal.com
  15. Hello, the software found nothing. Is it normal that Internet Explorer no longer opens on the other computer??? Anyway, here is the report. Thanks again...

      Malwarebytes' Anti-Malware 1.28
      Version de la base de données: 1181
      Windows 5.1.2600 Service Pack 3

      20/09/2008 22:39:16
      mbam-log-2008-09-20 (22-39-16).txt

      Type de recherche: Examen complet (C:\|)
      Eléments examinés: 150773
      Temps écoulé: 1 hour(s), 33 minute(s), 25 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)
  16. voila Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:01:54, on 20/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Documents and Settings\All Users.WINDOWS\Bureau\Kaspersky Lab Tool\setup_7.0.0.180_24.04.2008_22-25.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe C:\WINDOWS\System32\dmadmin.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\system32\hphmon05.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\cmd.exe C:\Program Files\Trend 
Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\cmd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe" O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C 
"C:\DOCUME~1\Josselin\LOCALS~1\Temp\MsgPlusUninst.bat" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: 
Thank you.
  17. Hello, I've hit the jackpot: I can no longer open Internet Explorer. Oh well, fortunately I have a good friend. Here is the report anyway; thank you for helping me with my 2 problems.

--------------------\\ Lop S&D 4.2.4-3 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon XP Processor 2800+ )
BIOS : Ver 1.00PARTTBL
USER : Josselin ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
C:\ (Local Disk) - NTFS - Total : 37 Go Free : 5 Go
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 20/09/2008|10:39 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Echec ! - C:\Program Files\intern~1\Connection Wizard
Supprime! - C:\Program Files\intern~1\hmmapi.dll
Supprime! - C:\Program Files\intern~1\iedw.exe
Supprime! - C:\Program Files\intern~1\iexplore.exe
Supprime! - C:\DOCUME~1\Josselin\Cookies\josselin@adopt.euroclick[1].txt
Echec ! - C:\Program Files\intern~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE
Echec ! - C:\Program Files\intern~1\Connection Wizard
Supprime! - C:\Program Files\intern~1\hmmapi.dll
Supprime! - C:\Program Files\intern~1\iedw.exe
Supprime! - C:\Program Files\intern~1\iexplore.exe
Echec ! - C:\Program Files\intern~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
  18. Good evening, thanks again for your help.
[13/08/2008|14:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Megaupload [20/01/2006|23:43] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus! [16/05/2008|22:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft [12/09/2007|20:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nokia [12/09/2007|20:30] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\PC Suite [21/09/2005|13:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime [18/09/2008|10:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy [19/09/2008|05:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spyware Terminator [18/09/2008|09:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP [14/01/2005|15:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Viewpoint [11/01/2006|15:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage [02/03/2008|20:22] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller [20/09/2007|21:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! [28/06/2008|13:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion(2) [14/01/2005|00:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [13/01/2005|15:18] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft [19/09/2008|20:33] C:\DOCUME~1\Josselin\APPLIC~1\Adobe [28/07/2008|21:59] C:\DOCUME~1\Josselin\APPLIC~1\AdobeUM [01/09/2007|10:35] C:\DOCUME~1\Josselin\APPLIC~1\AOL [12/04/2008|11:25] C:\DOCUME~1\Josselin\APPLIC~1\Apple Computer [14/08/2005|11:15] C:\DOCUME~1\Josselin\APPLIC~1\ArcSoft [27/06/2008|10:20] C:\DOCUME~1\Josselin\APPLIC~1\Auslogics [07/01/2007|14:04] C:\DOCUME~1\Josselin\APPLIC~1\Common Files [13/08/2008|14:12] C:\DOCUME~1\Josselin\APPLIC~1\EmailNotifier [28/01/2007|12:23] C:\DOCUME~1\Josselin\APPLIC~1\EoRezo [20/09/2007|21:47] C:\DOCUME~1\Josselin\APPLIC~1\F-Secure [26/12/2007|17:05] C:\DOCUME~1\Josselin\APPLIC~1\GetRightToGo [02/12/2005|23:03] C:\DOCUME~1\Josselin\APPLIC~1\Google [22/02/2005|11:51] C:\DOCUME~1\Josselin\APPLIC~1\Help [07/01/2007|14:03] C:\DOCUME~1\Josselin\APPLIC~1\HP [13/01/2005|15:27] C:\DOCUME~1\Josselin\APPLIC~1\Identities [16/09/2008|09:55] C:\DOCUME~1\Josselin\APPLIC~1\internetmeet [01/02/2005|22:49] 
C:\DOCUME~1\Josselin\APPLIC~1\InterVideo [20/09/2007|20:14] C:\DOCUME~1\Josselin\APPLIC~1\ispnews [23/01/2005|01:10] C:\DOCUME~1\Josselin\APPLIC~1\Macromedia [01/05/2008|07:42] C:\DOCUME~1\Josselin\APPLIC~1\Malwarebytes [20/08/2007|09:43] C:\DOCUME~1\Josselin\APPLIC~1\Media Player Classic [07/06/2008|22:36] C:\DOCUME~1\Josselin\APPLIC~1\Megaupload [28/06/2008|13:12] C:\DOCUME~1\Josselin\APPLIC~1\Microsoft [12/09/2007|20:24] C:\DOCUME~1\Josselin\APPLIC~1\Nokia [12/09/2007|20:32] C:\DOCUME~1\Josselin\APPLIC~1\PC Suite [24/04/2008|12:32] C:\DOCUME~1\Josselin\APPLIC~1\PC Tools [20/09/2007|20:32] C:\DOCUME~1\Josselin\APPLIC~1\PEX [18/10/2007|20:54] C:\DOCUME~1\Josselin\APPLIC~1\Research In Motion [19/09/2007|21:51] C:\DOCUME~1\Josselin\APPLIC~1\Samsung [14/03/2007|15:24] C:\DOCUME~1\Josselin\APPLIC~1\Screenshot Sender [28/06/2007|22:52] C:\DOCUME~1\Josselin\APPLIC~1\Skype [13/01/2005|15:52] C:\DOCUME~1\Josselin\APPLIC~1\Sonic [11/04/2008|17:35] C:\DOCUME~1\Josselin\APPLIC~1\Sony Ericsson [18/09/2008|23:03] C:\DOCUME~1\Josselin\APPLIC~1\Spyware Terminator [13/01/2005|15:54] C:\DOCUME~1\Josselin\APPLIC~1\Sun [24/04/2008|13:44] C:\DOCUME~1\Josselin\APPLIC~1\Sunbelt Software [11/04/2008|17:37] C:\DOCUME~1\Josselin\APPLIC~1\Teleca [18/02/2005|13:11] C:\DOCUME~1\Josselin\APPLIC~1\Template [28/12/2005|22:38] C:\DOCUME~1\Josselin\APPLIC~1\ubi.com [03/04/2005|14:55] C:\DOCUME~1\Josselin\APPLIC~1\WholeSecurity [14/01/2005|15:16] C:\DOCUME~1\Josselin\APPLIC~1\You've Got Pictures Screensaver [17/09/2008|22:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [17/09/2008|22:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM [15/09/2005|19:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [28/06/2008|13:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [28/06/2008|13:25] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [19/09/2008 21:00][--ah-----] C:\WINDOWS\tasks\A51E4EA39185C63B.job [28/08/2008 12:45][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job 
[10/09/2008 19:20][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job [23/04/2008 19:20][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job [19/09/2008 17:57][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini ( A51E4EA39185C63B.job )=( c:\docume~1\josselin\applic~1\intern~1\BENDPURECITY.exe ) --------------------\\ MsgPlus SPONSOR INSTALLED ! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin] "DisplayName"="Messenger Plus! 3 & Sponsor" "SponsorInstalled"=dword:00000000 --------------------\\ Listing des dossiers dans C:\Program Files [15/03/2006|18:12] C:\Program Files\Adobe [13/01/2005|15:37] C:\Program Files\AMD [13/01/2005|15:33] C:\Program Files\Analog Devices [02/07/2008|14:33] C:\Program Files\AntivirusFirewall [17/05/2008|16:02] C:\Program Files\Anuman Interactive [24/04/2008|08:52] C:\Program Files\Apoint2K [28/08/2008|12:45] C:\Program Files\Apple Software Update [31/05/2008|14:25] C:\Program Files\ArcSoft [02/07/2008|13:52] C:\Program Files\Ascentive [27/06/2008|10:20] C:\Program Files\Auslogics [13/08/2008|15:06] C:\Program Files\Avanquest update [02/07/2008|16:04] C:\Program Files\Avira [24/11/2006|14:26] C:\Program Files\BG Zip 2002 [28/08/2008|12:34] C:\Program Files\Bonjour [06/01/2007|14:10] C:\Program Files\Borland [02/07/2008|15:32] C:\Program Files\CA [30/06/2008|20:46] C:\Program Files\Capturino 1.4 [29/08/2008|08:41] C:\Program Files\CCleaner [17/09/2008|11:56] C:\Program Files\Circle Developement [11/11/2007|17:40] C:\Program Files\CodeStuff [27/06/2008|09:36] C:\Program Files\Common Files [24/04/2008|12:32] C:\Program Files\Datel [13/12/2006|21:01] C:\Program Files\DID [12/09/2007|20:23] C:\Program Files\DIFX [11/09/2008|22:03] C:\Program Files\eMule [28/01/2007|12:23] C:\Program Files\eoRezo [17/09/2008|18:51] C:\Program Files\Fichiers communs [02/07/2008|09:16] C:\Program Files\FlasKMPEG_594h [08/09/2008|13:30] C:\Program Files\Google [13/01/2006|21:03] 
C:\Program Files\Hewlett-Packard [18/10/2007|22:39] C:\Program Files\HP [18/10/2007|22:39] C:\Program Files\HPQ [27/08/2008|12:28] C:\Program Files\InstallShield Installation Information [05/12/2005|19:55] C:\Program Files\InterActual [14/08/2008|22:59] C:\Program Files\Internet Explorer [16/09/2008|09:55] C:\Program Files\internetmeet [28/08/2008|12:38] C:\Program Files\iPod [28/08/2008|12:38] C:\Program Files\iTunes [28/07/2008|21:32] C:\Program Files\Java [20/08/2007|09:41] C:\Program Files\K-Lite Codec Pack [30/05/2008|21:30] C:\Program Files\Lavasoft [14/01/2005|15:16] C:\Program Files\Learn2.com [20/12/2006|21:20] C:\Program Files\LizardTech [27/06/2008|09:45] C:\Program Files\Logitech [28/07/2008|22:14] C:\Program Files\Malwarebytes' Anti-Malware [26/12/2007|10:49] C:\Program Files\Maxtor [14/08/2008|22:57] C:\Program Files\Messenger [06/09/2008|16:20] C:\Program Files\Messenger Plus! Live [28/06/2006|13:31] C:\Program Files\MessengerPlus! 3 [12/05/2008|21:15] C:\Program Files\Microsoft Baseline Security Analyzer 2 [26/04/2008|13:33] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [13/01/2005|15:19] C:\Program Files\microsoft frontpage [25/12/2006|15:14] C:\Program Files\Microsoft Games [03/01/2006|22:50] C:\Program Files\Microsoft Office [18/02/2005|13:09] C:\Program Files\Microsoft Works [15/12/2006|14:23] C:\Program Files\Mindscape [20/08/2008|16:56] C:\Program Files\Mio Technology [22/08/2008|15:05] C:\Program Files\Motorola [13/08/2008|15:06] C:\Program Files\Motorola Phone Tools [15/05/2008|09:47] C:\Program Files\Movie Maker [13/01/2005|15:12] C:\Program Files\MSN [29/11/2006|17:36] C:\Program Files\MSN Apps [13/01/2005|15:12] C:\Program Files\MSN Gaming Zone [02/03/2008|20:26] C:\Program Files\MSN Messenger [26/12/2007|10:48] C:\Program Files\MSXML 6.0 [15/05/2008|09:42] C:\Program Files\NetMeeting [28/06/2008|13:29] C:\Program Files\Norton Internet Security [14/02/2007|20:01] C:\Program Files\Online Services [15/05/2008|09:42] C:\Program Files\Outlook 
Express [13/01/2006|23:22] C:\Program Files\Overland [28/07/2008|21:34] C:\Program Files\Panda Security [08/09/2008|13:16] C:\Program Files\PhotoFiltre Studio [08/09/2008|13:31] C:\Program Files\Picasa2 [10/07/2008|14:02] C:\Program Files\Proxomitron Naoko v4.5 [28/08/2008|12:34] C:\Program Files\QuickTime [14/01/2005|15:15] C:\Program Files\Real [13/01/2005|15:51] C:\Program Files\RecordNow! [07/06/2008|17:10] C:\Program Files\Registry Easy [18/10/2007|21:54] C:\Program Files\Research In Motion [28/08/2008|12:17] C:\Program Files\Safari [13/09/2007|20:35] C:\Program Files\Samsung [01/09/2007|10:56] C:\Program Files\Securitoo [13/01/2005|15:16] C:\Program Files\Services en ligne [13/01/2005|15:51] C:\Program Files\Sonic [28/07/2008|22:44] C:\Program Files\Spybot - Search & Destroy [19/09/2008|05:56] C:\Program Files\Spyware Terminator [28/07/2008|22:33] C:\Program Files\SpywareBlaster [24/04/2008|12:32] C:\Program Files\SRBR_LMR [26/01/2005|18:12] C:\Program Files\Tcl [20/09/2007|21:44] C:\Program Files\Toshiba [19/09/2008|18:57] C:\Program Files\Trend Micro [28/12/2005|22:42] C:\Program Files\ubi.com [14/01/2005|15:15] C:\Program Files\Viewpoint [07/01/2007|12:41] C:\Program Files\WIDCOMM [18/09/2008|23:04] C:\Program Files\WinClamAVShield [02/03/2008|20:23] C:\Program Files\Windows Live [13/01/2008|15:22] C:\Program Files\Windows Media Components [03/08/2007|13:10] C:\Program Files\Windows Media Connect 2 [15/05/2008|10:07] C:\Program Files\Windows Media Player [15/05/2008|09:42] C:\Program Files\Windows NT [30/06/2008|13:50] C:\Program Files\WinRAR [24/11/2006|10:11] C:\Program Files\WinZip [13/01/2005|15:19] C:\Program Files\xerox [30/08/2008|12:30] C:\Program Files\Yahoo! 
[17/07/2008|19:02] C:\Program Files\Zone Labs --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [28/07/2008|22:05] C:\Program Files\Fichiers communs\Adobe [01/09/2007|10:44] C:\Program Files\Fichiers communs\AOL [14/01/2005|15:16] C:\Program Files\Fichiers communs\aolback [01/09/2007|10:41] C:\Program Files\Fichiers communs\aolshare [03/09/2007|12:00] C:\Program Files\Fichiers communs\Apple [13/01/2005|16:05] C:\Program Files\Fichiers communs\Hewlett-Packard [13/01/2005|16:00] C:\Program Files\Fichiers communs\HP [13/01/2005|15:37] C:\Program Files\Fichiers communs\InstallShield [28/07/2008|21:30] C:\Program Files\Fichiers communs\Java [13/01/2008|15:24] C:\Program Files\Fichiers communs\Logitech [13/08/2008|15:04] C:\Program Files\Fichiers communs\Microsoft Shared [13/01/2005|15:15] C:\Program Files\Fichiers communs\MSSoap [14/01/2005|15:15] C:\Program Files\Fichiers communs\Nullsoft [23/12/2005|17:58] C:\Program Files\Fichiers communs\PocketSoft [27/06/2008|09:37] C:\Program Files\Fichiers communs\Pumatech Shared [14/01/2005|15:15] C:\Program Files\Fichiers communs\Real [27/06/2008|09:35] C:\Program Files\Fichiers communs\Research In Motion [14/12/2005|15:39] C:\Program Files\Fichiers communs\Scanner [13/01/2005|15:15] C:\Program Files\Fichiers communs\Services [13/01/2005|15:52] C:\Program Files\Fichiers communs\Sonic [14/01/2005|00:31] C:\Program Files\Fichiers communs\SpeechEngines [13/01/2005|15:51] C:\Program Files\Fichiers communs\SureThing Shared [28/06/2008|18:20] C:\Program Files\Fichiers communs\Symantec Shared [15/05/2008|09:41] C:\Program Files\Fichiers communs\System [08/06/2008|15:16] C:\Program Files\Fichiers communs\Teleca Shared [02/03/2008|20:23] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 48 Processes ) IEXPLORE.EXE ~ [PID:784] IEXPLORE.EXE ~ [PID:1800] iexplore.exe ~ [PID:3344] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! 
--------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\LICENSE ADMIN OPTION BIB C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\LICENSE ADMIN OPTION BIB\ball eq.exe C:\DOCUME~1\Josselin\APPLIC~1\intern~1 C:\DOCUME~1\Josselin\APPLIC~1\intern~1\BENDPURECITY.exe C:\DOCUME~1\Josselin\APPLIC~1\intern~1\Grey First The Web.exe C:\DOCUME~1\Josselin\APPLIC~1\intern~1\jwmbdkrs.exe C:\DOCUME~1\Josselin\APPLIC~1\intern~1\setupdatabrowse.exe C:\Program Files\intern~1 C:\Program Files\intern~1\Connection Wizard C:\Program Files\intern~1\custsat.dll C:\Program Files\intern~1\fr-fr C:\Program Files\intern~1\hmmapi.dll C:\Program Files\intern~1\iedw.exe C:\Program Files\intern~1\ieproxy.dll C:\Program Files\intern~1\iexplore.exe C:\Program Files\intern~1\MUI C:\Program Files\intern~1\PLUGINS C:\Program Files\intern~1\SIGNUP C:\Program Files\Circle Developement C:\DOCUME~1\Josselin\Cookies\josselin@advertstream[2].txt C:\DOCUME~1\Josselin\Cookies\josselin@adopt.euroclick[2].txt C:\DOCUME~1\Josselin\Cookies\josselin@pacificpoker[1].txt C:\DOCUME~1\Josselin\Cookies\josselin@32vegas[1].txt C:\DOCUME~1\Josselin\Cookies\josselin@banner.32vegas[2].txt C:\WINDOWS\Tasks\A51E4EA39185C63B.job --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Eq real"="C:\\DOCUME~1\\Josselin\\APPLIC~1\\INTERN~1\\setupdatabrowse.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Option Bib Logo Log"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\LICENSE ADMIN OPTION BIB\\ball eq.exe" --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-19 21:34:22 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... 
scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:29][D:3]-> C:\DOCUME~1\Josselin\LOCALS~1\Temp [F:120][D:0]-> C:\DOCUME~1\Josselin\Cookies [F:6518][D:8]-> C:\DOCUME~1\Josselin\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 19/09/2008|21:40 - Option : [1] --------------------\\ Fin du rapport a 21:40:03
  19. Hello, I did everything as you said, but here come the ADS again, arghhhh. Here is a report. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:58:29, on 19/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Explorer.EXE C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\system32\hphmon05.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\dmadmin.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\internet
explorer\iexplore.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe" O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Option Bib Logo Log] 
C:\Documents and Settings\All Users.WINDOWS\Application Data\LICENSE ADMIN OPTION BIB\ball eq.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Eq real] C:\DOCUME~1\Josselin\APPLIC~1\INTERN~1\setupdatabrowse.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 
'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/...trolLite_EN.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1168171833640 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://orange.securitoo.com/ols/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. 
- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\WINDOWS\System32\FTRTSVC.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: setup_7.0.0.180_24.04.2008_22-25 - Kaspersky Lab - C:\Documents and Settings\All Users.WINDOWS\Bureau\Kaspersky Lab Tool\setup_7.0.0.180_24.04.2008_22-25.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. 
- C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe -- End of file - 10055 bytes Thanks.
  20. HELLO, thanks for your advice, here is the latest report -->- Recherche: C:\SDFIX: trouvé ! C:\Qoobox: trouvé ! C:\Toolbar SD: trouvé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: trouvé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé ! C:\Documents and Settings\Josselin\Bureau\ComboFix.exe: trouvé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\SdFix.exe: trouvé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\HijackThis.lnk: trouvé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\vundoFix.exe: trouvé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\HJTInstall.exe: trouvé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\ToolBar S&D.lnk: trouvé ! C:\Documents and Settings\Josselin\Menu Démarrer\Programmes\Toolbar S&D: trouvé ! C:\Program Files\Trend Micro\HijackThis: trouvé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé ! C:\QooBox\Quarantine\C\Vundofix backups: trouvé ! C:\Toolbar SD\ToolBar S&D.lnk: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé ! C:\Documents and Settings\Josselin\Bureau\ComboFix.exe: supprimé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\SdFix.exe: supprimé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\HijackThis.lnk: supprimé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\vundoFix.exe: supprimé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\HJTInstall.exe: supprimé ! C:\Documents and Settings\Josselin\Bureau\Raccourcis Bureau non utilisés\ToolBar S&D.lnk: supprimé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Toolbar SD\ToolBar S&D.lnk: supprimé ! C:\SDFIX: supprimé ! C:\Qoobox: supprimé ! C:\Toolbar SD: supprimé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: supprimé ! C:\Documents and Settings\Josselin\Menu Démarrer\Programmes\Toolbar S&D: supprimé ! C:\Program Files\Trend Micro\HijackThis: supprimé ! Corbeille vidée! Fichiers temporaires nettoyés !
  21. Good evening, here is the report, thanks again for your help. ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Thursday, July 24, 2008 10:26:26 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 24/07/2008 Enregistrements dans la base antivirus Kaspersky : 1002876 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: étendue Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Poste de travail: C:\ D:\ Statistiques de l'analyse: Total d'objets analysés: 107329 Nombre de virus trouvés: 2 Nombre d'objets infectés: 5 / 0 Nombre d'objets suspects: 0 Durée de l'analyse: 03:45:50 Nom de l'objet infecté / Nom du virus / Dernière action C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\Josselin\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Josselin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Josselin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Josselin\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Josselin\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Josselin\ntuser.dat L'objet est verrouillé ignoré C:\Documents and Settings\Josselin\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and
  22. Good evening, sorry, I can't manage it; it tells me there is an error on the page. What should I do??? Thank you very much.
  23. Hello, and sorry for the delay, but the holidays... Still popups. Here are the reports. Thanks again for your help...