

boulitoplay
Everything posted by boulitoplay
AMVO.exe ??!!
boulitoplay replied to a topic by Mika34080 in Malware analysis and removal
Hello, agreed for next time, the topic will be under my name. So now I have nothing more to do, the PC is 100% functional again? Thanks again and all the best!!!
AMVO.exe ??!!
boulitoplay replied to a topic by Mika34080 in Malware analysis and removal
Good evening, the scans are finished, here are my logs:

ComboFix:
And mbam:

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 760
Type de recherche: Examen complet (C:\|)
Eléments examinés: 97777
Temps écoulé: 19 minute(s), 5 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\WINDOWS\system32\scchk32.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP335\A0113743.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

PS: I infected my girlfriend's computer before calling on your services to repair mine... Thanks again for your great work!!! For the speed with which you answer the members of this forum and for the precision of your messages!!! Many thanks to the admins and most particularly to you, PEAR!!
AMVO.exe ??!!
boulitoplay replied to a topic by Mika34080 in Malware analysis and removal
BOnjour tout le monde et plus particuliérement Pear Voila mon problème, il y a une semaine environ vous m'avez remarquablement bien aidé pour la résolution de mon virus (amvo) et sur mon PC je n'ai plus aucun souci!!! Merci encor Mais un nouveau problème a fait son apparition Sans le vouloir j'ai contaminé le PC de ma copine en lui métant quelques photos sur son pc avec ma clef USB. J'ai donc en toute logique, pris son PC pour lui enlever les petites bébétes qui nuisent à un surf normale... J'ai utilisé flashdesinfector et fait un scan avec combofix don voici le raport : ComboFix 08-05-15.3 - Pauline 2008-05-17 14:01:42.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.250 [GMT 2:00] Endroit: C:\Documents and Settings\Pauline\Bureau\ComboFix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\.protected C:\autorun.inf C:\Documents and Settings\All Users\Bureau\webmediaplayer.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\.protected C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.url C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.url C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Désinstaller.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Website.url C:\Documents and Settings\Pauline\Menu Démarrer\Programmes\Démarrage\.protected C:\Documents and Settings\Perrine\Local Settings\Application Data\taevaeo.dat C:\Documents and Settings\Perrine\Local Settings\Application Data\taevaeo_nav.dat C:\Documents and Settings\Perrine\Local Settings\Application Data\taevaeo_navps.dat C:\Program 
Files\GamesBar\oberontb.dll C:\Program Files\webmediaplayer C:\Program Files\webmediaplayer\resources\languages_v2.xml C:\Program Files\webmediaplayer\resources\webmedias C:\Program Files\webmediaplayer\skins\classic.skn C:\Program Files\webmediaplayer\sqlite3.dll C:\Program Files\webmediaplayer\uninst.exe C:\Program Files\webmediaplayer\WebMediaPlayer.exe C:\WINDOWS\.protected C:\WINDOWS\system32\_000006_.tmp.dll C:\WINDOWS\system32\drivers\etc\.protected C:\WINDOWS\system32\nvs2.inf C:\WINDOWS\system32\scchk32.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-04-17 to 2008-05-17 )))))))))))))))))))))))))))))))))))) . 2008-05-17 13:06 . 2008-05-17 13:06 396,288 --a------ C:\Program Files\HijackThis.exe 2008-05-16 23:01 . 2008-05-16 23:01 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft 2008-05-13 20:22 . 2008-05-13 20:22 268 --ah----- C:\sqmdata05.sqm 2008-05-13 20:22 . 2008-05-13 20:22 244 --ah----- C:\sqmnoopt05.sqm 2008-05-08 21:32 . 2008-05-08 21:32 <REP> d-------- C:\Documents and Settings\Pauline\Application Data\Grisoft 2008-05-08 21:32 . 2008-05-08 21:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-05-08 21:32 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2008-05-07 21:32 . 2008-05-07 21:32 <REP> d-------- C:\Documents and Settings\Pauline\Application Data\FlagPart 2008-05-06 18:27 . 2008-05-06 18:28 <REP> d-------- C:\Documents and Settings\Perrine\Application Data\FlagPart 2008-05-06 18:27 . 2008-05-06 18:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Readme Live Axis Tons 2008-05-06 18:02 . 2008-05-06 18:02 268 --ah----- C:\sqmdata04.sqm 2008-05-06 18:02 . 2008-05-06 18:02 172 --ah----- C:\sqmnoopt04.sqm . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-05-17 12:01 --------- d-----w C:\Program Files\GamesBar
2008-05-07 19:26 --------- d-----w C:\Program Files\MSN Messenger
2008-04-30 18:35 --------- d-----w C:\Program Files\eMule
2008-04-22 16:05 --------- d-----w C:\Program Files\Web Media Player
2008-04-13 13:26 --------- d-----w C:\Documents and Settings\Perrine\Application Data\Sonic
2008-04-13 13:25 --------- d-----w C:\Documents and Settings\Perrine\Application Data\Leadertech
2008-04-08 10:22 --------- d-----w C:\Documents and Settings\Perrine\Application Data\AdobeUM
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-17 19:31 --------- d-----w C:\Documents and Settings\Pauline\Application Data\dvdcss
2008-03-01 16:28 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2007-10-22 15:52 13 ---h--w C:\Documents and Settings\All Users\Application Data\1ÌØ13.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [ ]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 15:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"SoundMan"="SOUNDMAN.EXE" [2004-09-10 18:29 77824 C:\WINDOWS\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2004-09-15 11:20 2557952 C:\WINDOWS\ALCWZRD.EXE]
"ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-12 21:10 339968]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [ ]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2004-10-08 03:14 81920]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-10-22 00:07 98304]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-22 00:11 180269]
"AXIS TONS THE MP3"="C:\Documents and Settings\All Users\Application Data\Readme Live Axis Tons\army corn.exe" [2008-05-17 13:56 4243456]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2003-04-06 01:37:10 323646]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 02:06:58 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hggeebx]
hggeebx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winuns32]
winuns32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
C:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odebit Multimedia V3]
--a------ 2006-09-09 21:11 1632768 C:\Program Files\Odebit Multimédia\V3\Odebit.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odebit Multimedia V3 - Services]
--a------ 2006-09-09 21:11 1632768 C:\Program Files\Odebit Multimédia\V3\Odebit.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
C:\Program Files\Norton Internet Security\UrlLstCk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SymWSC"=2 (0x2)
"SNDSrvc"=3 (0x3)
"SAVScan"=3 (0x3)
"navapsvc"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccProxy"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"AOL ACS"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\Inventime\\my.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\microsoft office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Odebit Multimédia\\V3\\Odebit.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21660:TCP"= 21660:TCP:BitComet 21660 TCP
"21660:UDP"= 21660:UDP:BitComet 21660 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd4549d0-185b-11dd-a10e-00038a000015}]
\Shell\AutoRun\command - J:\jfvkcsy.bat
\Shell\explore\Command - J:\jfvkcsy.bat
\Shell\open\Command - J:\jfvkcsy.bat

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-17 12:00:00 C:\WINDOWS\Tasks\A3E03AEF9197B803.job"
- c:\docume~1\perrine\applic~1\flagpart\SOAP SAFE POKE.exe
"2008-04-19 20:24:21 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1205011408.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-17 14:03:57
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MysqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-nt MysqlInventime"
.
Temps d'accomplissement: 2008-05-17 14:04:38
ComboFix-quarantined-files.txt 2008-05-17 12:04:35
Pre-Run: 69,768,585,216 octets libres
Post-Run: 70,006,693,888 octets libres
188 --- E O F --- 2008-05-17 11:13:51

Please tell me what steps to follow so that her PC works again as well as mine does thanks to you... Thanks in advance for the work you will do and for what you have already done.

Regards

A little UP is in order.