Everything posted by musico

  1. Hello Apollo. Here is the latest JavaRa report. I hope I didn't make any wrong moves. Once again, thank you.
     JavaRa 1.11 Removal Log. The JavaRa removal process was started on Mon Oct 27 09:36:45 2008
  2. Good evening. Here is the latest HijackThis report. I am also attaching the latest Kaspersky report. Among the patches, I was unable to install the one for Windows. Thanks for everything and have a good weekend. Musico
     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 23:43:09, on 25/10/2008
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Boot mode: Normal
     Type : vulnérabilité (événements : 4)
     25/10/2008 22:27:10 Détectés vulnérabilité http://www.viruslist.com/fr/advisories/31010 D:\Program Files\Java\jre1.6.0_05\bin\java.exe Très dangereux
     25/10/2008 22:26:41 Détectés vulnérabilité http://www.viruslist.com/fr/advisories/31010 D:\Program Files\Java\jre1.6.0_03\bin\java.exe Très dangereux
     25/10/2008 22:14:04 Détectés vulnérabilité http://www.viruslist.com/fr/advisories/26027 D:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\flash.ocx Très dangereux
     25/10/2008 21:58:15 Détectés vulnérabilité http://www.viruslist.com/fr/advisories/11064 C:\Program Files\NetMeeting\CONF.EXE Très dangereux
  3. Hello Apollo. The night was short, but I hope we got this Bagle. I'm sending you the Kaspersky scan report. Once again, thanks for everything.
     Type : vulnérabilité (événements : 87)
  4. The 2 sections you mention are not there. Maybe I need to send you the whole HijackThis report? I have installed and updated Kaspersky
  5. There, I hope I haven't screwed anything up. I'm posting the 2 reports for you. For info, the antivirus firewall was supplied to me by Orange, for which I pay a subscription of 5 euros per month. Its details: anti-virus firewall PC Version 4.14 version 5.12. I didn't find anything else. Thanks for everything. Malwarebytes' Anti-Malware 1.30 Version de la base de données: 1316 Windows 5.1.2600 Service Pack 2 25/10/2008 01:21:20 mbam-log-2008-10-25 (01-21-20).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 139232 Temps écoulé: 17 minute(s), 32 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 4 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\SystemInit (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\xdsfass (Trojan.FakeAlert) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): D:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:27:38, on 25/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\Explorer.EXE D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe D:\Program Files\Microsoft Office\Office\OSA.EXE D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe D:\WINDOWS\system32\wuauclt.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\WINDOWS\system32\NOTEPAD.EXE D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AnyDVD] D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - Global Startup: Microsoft Recherche accélérée.lnk = D:\Program Files\Microsoft 
Office\Office\FINDFAST.EXE O4 - Global Startup: Démarrage d'Office.lnk = D:\Program Files\Microsoft Office\Office\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O15 - Trusted Zone: http://www.orange.fr O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1193861332750 O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- End of file - 5051 bytes Sorry, I had forgotten the reports, thanks
  6. There, I hope I haven't screwed anything up. I'm posting the 2 reports for you. For info, the antivirus firewall was supplied to me by Orange, for which I pay a subscription of 5 euros per month. Its details: anti-virus firewall PC Version 4.14 version 5.12. I didn't find anything else. Thanks for everything
  7. I can't manage to install Kaspersky. Every time, it tells me to remove the other antivirus programs, but I go to the Control Panel and there are none. Also, you know, I'm a bit of a "greenhorn", I'm 57 years old; I know what a crack is, but a P2P? As my username indicates, I'm an old musician, and it's the first time I wanted to go through eMule to download Midi converter MP3, and I caught this crap. For the moment I'm stuck on the Kaspersky install. I'm waiting for your reply. Thanks again, and sorry for the trouble I'm giving you
  8. HERE IS THE REPORT ComboFix 08-10-24.02 - Admin 2008-10-24 23:02:46.7 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.270 [GMT 2:00] Lancé depuis: D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\combo-fix.exe Commutateurs utilisés :: D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe * Un nouveau point de restauration a été créé . ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-24 au 2008-10-24 )))))))))))))))))))))))))))))))))))) . 2008-10-24 21:46 . 2008-10-24 21:46 <REP> d--hs---- D:\FOUND.001 2008-10-21 20:00 . 2008-10-21 20:00 <REP> d--hs---- D:\FOUND.000 2008-10-06 22:20 . 2008-10-06 22:20 0 --a------ D:\WINDOWS\nsreg.dat 2008-10-06 21:34 . 2008-10-06 21:34 <REP> d-------- D:\Program Files\SAGEM 2008-10-06 21:33 . 2008-10-06 21:33 <REP> d-------- D:\Program Files\Securitoo 2008-10-05 21:00 . 2008-09-08 23:38 88,576 --a------ D:\WINDOWS\system32\AntiXPVSTFix.exe 2008-10-05 21:00 . 2008-10-01 15:51 87,552 --a------ D:\WINDOWS\system32\VACFix.exe 2008-10-05 21:00 . 2008-09-19 12:26 82,944 --a------ D:\WINDOWS\system32\o4Patch.exe 2008-10-05 21:00 . 2008-05-18 21:40 82,944 --a------ D:\WINDOWS\system32\IEDFix.exe 2008-10-05 21:00 . 2008-09-19 12:26 82,944 --a------ D:\WINDOWS\system32\IEDFix.C.exe 2008-10-05 21:00 . 2008-08-18 12:19 82,432 --a------ D:\WINDOWS\system32\404Fix.exe 2008-10-05 20:59 . 2007-09-06 00:22 289,144 --a------ D:\WINDOWS\system32\VCCLSID.exe 2008-10-05 20:59 . 2006-04-27 17:49 288,417 --a------ D:\WINDOWS\system32\SrchSTS.exe 2008-10-05 20:59 . 2003-06-05 21:13 53,248 --a------ D:\WINDOWS\system32\Process.exe 2008-10-05 20:59 . 2004-07-31 18:50 51,200 --a------ D:\WINDOWS\system32\dumphive.exe 2008-10-05 20:59 . 2007-10-04 00:36 25,600 --a------ D:\WINDOWS\system32\WS2Fix.exe 2008-10-05 20:31 . 2008-10-05 21:00 1,696 --a------ D:\WINDOWS\system32\tmp.reg 2008-10-02 13:07 .
2008-10-02 13:07 116,740 --a------ D:\WINDOWS\system32\msxml71.0ll 2008-09-26 11:31 . 2008-09-26 11:31 8 --a------ D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\usb.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-15 15:39 1,846,144 ----a-w D:\WINDOWS\system32\win32k.sys 2008-09-15 15:39 1,846,144 ------w D:\WINDOWS\system32\dllcache\win32k.sys 2008-08-28 10:04 333,056 ----a-w D:\WINDOWS\system32\drivers\srv.sys 2008-08-28 10:04 333,056 ------w D:\WINDOWS\system32\dllcache\srv.sys 2008-08-19 09:30 18,432 ------w D:\WINDOWS\system32\dllcache\iedw.exe 2008-08-14 13:44 2,182,400 ----a-w D:\WINDOWS\system32\ntoskrnl.exe 2008-08-14 13:44 2,182,400 ------w D:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-08-14 13:44 2,138,112 ------w D:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2008-08-14 13:44 2,059,776 ----a-w D:\WINDOWS\system32\ntkrnlpa.exe 2008-08-14 13:44 2,059,776 ------w D:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2008-08-14 13:44 2,017,792 ------w D:\WINDOWS\system32\dllcache\ntkrpamp.exe 2008-08-14 09:51 138,368 ------w D:\WINDOWS\system32\dllcache\afd.sys 2008-06-01 16:49 44,614 ----a-w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\mdb.bin 2008-03-18 17:15 3,858,985 ----a-w D:\Program Files\eMule0.48a-Installer.exe 2007-12-23 17:00 18,764,248 ----a-w D:\Program Files\setupfre.exe 2007-11-01 19:49 13,411,824 ----a-w D:\Program Files\Google_Earth_BZXD.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "AnyDVD"="D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 2075584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" [2008-10-24 176177] "F-Secure TNB"="D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2008-10-24 733184] "QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2008-01-31 385024] "Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] D:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\ Microsoft Recherche accélérée.lnk - D:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1997-11-19 111376] Démarrage d'Office.lnk - D:\Program Files\Microsoft Office\Office\OSA.EXE [1997-11-19 51984] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\beep.sys] @="beep" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\eMule\\EMULE.EXE"= "D:\\Program Files\\iTunes\\iTunes.exe"= R3 SOFTXG;YAMAHA XG SoftSynthesizer;D:\WINDOWS\system32\drivers\sxgxgwdm.sys [2002-05-22 966784] S1 F-Secure HIPS;F-Secure HIPS;D:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [ ] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [ ] S4 F-Secure Filter;F-Secure File System Filter;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [ ] S4 F-Secure Recognizer;F-Secure File System Recognizer;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [ ] S4 FSFW;F-Secure Firewall Driver;D:\WINDOWS\system32\drivers\fsdfw.sys [ ] . Contenu du dossier 'Tâches planifiées' 2008-10-03 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job - D:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] . . ------- Examen supplémentaire ------- . FireFox -: Profile - D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\Mozilla\Firefox\Profiles\hr8abcv1.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.orange.fr/ FF -: plugin - D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll FF -: plugin - D:\Program Files\Yahoo!\Common\npyaxmpb.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-24 23:04:04 Windows 5.1.2600 Service Pack 2 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
Heure de fin: 2008-10-24 23:04:54 ComboFix3.txt 2008-06-16 16:40:48 ComboFix-quarantined-files.txt 2008-10-24 21:04:54 ComboFix2.txt 2008-10-24 20:43:44 Avant-CF: 8 541 601 792 octets libres Après-CF: 8,532,320,256 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect C:\="Microsoft Windows" 133 --- E O F --- 2008-10-16 06:51:48
  9. ComboFix 08-10-24.02 - Admin 2008-10-24 22:39:53.6 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.367 [GMT 2:00] AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) .
D:\WINDOWS\system32\drivers\downld\343828.exe D:\WINDOWS\system32\drivers\downld\345312.exe D:\WINDOWS\system32\drivers\downld\349062.exe D:\WINDOWS\system32\drivers\downld\352718.exe D:\WINDOWS\system32\drivers\downld\355234.exe D:\WINDOWS\system32\drivers\downld\356453.exe D:\WINDOWS\system32\drivers\downld\357781.exe D:\WINDOWS\system32\drivers\downld\359750.exe D:\WINDOWS\system32\drivers\downld\364437.exe D:\WINDOWS\system32\drivers\downld\366125.exe D:\WINDOWS\system32\drivers\downld\366250.exe D:\WINDOWS\system32\drivers\downld\369703.exe D:\WINDOWS\system32\drivers\downld\371859.exe D:\WINDOWS\system32\drivers\downld\372078.exe D:\WINDOWS\system32\drivers\downld\379843.exe D:\WINDOWS\system32\drivers\downld\460312.exe D:\WINDOWS\system32\drivers\downld\480203.exe D:\WINDOWS\system32\drivers\downld\483015.exe D:\WINDOWS\system32\drivers\downld\55937.exe D:\WINDOWS\system32\drivers\downld\57687.exe D:\WINDOWS\system32\drivers\downld\58609.exe D:\WINDOWS\system32\drivers\downld\60218.exe D:\WINDOWS\system32\drivers\downld\634359.exe D:\WINDOWS\system32\drivers\downld\63812.exe D:\WINDOWS\system32\drivers\downld\643265.exe D:\WINDOWS\system32\drivers\downld\64703.exe D:\WINDOWS\system32\drivers\downld\64765.exe D:\WINDOWS\system32\drivers\downld\66031.exe D:\WINDOWS\system32\drivers\downld\66437.exe D:\WINDOWS\system32\drivers\downld\66718.exe D:\WINDOWS\system32\drivers\downld\69906.exe D:\WINDOWS\system32\drivers\downld\70812.exe D:\WINDOWS\system32\drivers\downld\71437.exe D:\WINDOWS\system32\drivers\downld\72031.exe D:\WINDOWS\system32\drivers\downld\72062.exe D:\WINDOWS\system32\drivers\downld\72875.exe D:\WINDOWS\system32\drivers\downld\75828.exe D:\WINDOWS\system32\drivers\downld\75937.exe D:\WINDOWS\system32\drivers\downld\76000.exe D:\WINDOWS\system32\drivers\downld\76890.exe D:\WINDOWS\system32\drivers\downld\77500.exe D:\WINDOWS\system32\drivers\downld\78640.exe D:\WINDOWS\system32\drivers\downld\79015.exe D:\WINDOWS\system32\drivers\downld\79093.exe 
D:\WINDOWS\system32\drivers\srosa.sys
D:\WINDOWS\system32\drivers\winfilse.exe
D:\WINDOWS\system32\mdelk.exe
D:\WINDOWS\system32\wintems.exe
F:\autorun.inf
F:\nideiect.com
G:\autorun.inf
G:\nideiect.com
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA

((((((((((((((((((((((((((((( Fichiers créés du 2008-09-24 au 2008-10-24 ))))))))))))))))))))))))))))))))))))
.
2008-10-24 21:46 . 2008-10-24 21:46 <REP> d--hs---- D:\FOUND.001
2008-10-21 20:00 . 2008-10-21 20:00 <REP> d--hs---- D:\FOUND.000
2008-10-06 22:20 . 2008-10-06 22:20 0 --a------ D:\WINDOWS\nsreg.dat
2008-10-06 21:34 . 2008-10-06 21:34 <REP> d-------- D:\Program Files\SAGEM
2008-10-06 21:33 . 2008-10-06 21:33 <REP> d-------- D:\Program Files\Securitoo
2008-10-05 21:00 . 2008-09-08 23:38 88,576 --a------ D:\WINDOWS\system32\AntiXPVSTFix.exe
2008-10-05 21:00 . 2008-10-01 15:51 87,552 --a------ D:\WINDOWS\system32\VACFix.exe
2008-10-05 21:00 . 2008-09-19 12:26 82,944 --a------ D:\WINDOWS\system32\o4Patch.exe
2008-10-05 21:00 . 2008-05-18 21:40 82,944 --a------ D:\WINDOWS\system32\IEDFix.exe
2008-10-05 21:00 . 2008-09-19 12:26 82,944 --a------ D:\WINDOWS\system32\IEDFix.C.exe
2008-10-05 21:00 . 2008-08-18 12:19 82,432 --a------ D:\WINDOWS\system32\404Fix.exe
2008-10-05 20:59 . 2007-09-06 00:22 289,144 --a------ D:\WINDOWS\system32\VCCLSID.exe
2008-10-05 20:59 . 2006-04-27 17:49 288,417 --a------ D:\WINDOWS\system32\SrchSTS.exe
2008-10-05 20:59 . 2003-06-05 21:13 53,248 --a------ D:\WINDOWS\system32\Process.exe
2008-10-05 20:59 . 2004-07-31 18:50 51,200 --a------ D:\WINDOWS\system32\dumphive.exe
2008-10-05 20:59 . 2007-10-04 00:36 25,600 --a------ D:\WINDOWS\system32\WS2Fix.exe
2008-10-05 20:31 . 2008-10-05 21:00 1,696 --a------ D:\WINDOWS\system32\tmp.reg
2008-10-02 13:07 . 2008-10-02 13:07 116,740 --a------ D:\WINDOWS\system32\msxml71.0ll
2008-09-26 11:31 . 2008-09-26 11:31 8 --a------ D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\usb.dat
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-15 15:39 1,846,144 ----a-w D:\WINDOWS\system32\win32k.sys
2008-09-15 15:39 1,846,144 ------w D:\WINDOWS\system32\dllcache\win32k.sys
2008-08-28 10:04 333,056 ----a-w D:\WINDOWS\system32\drivers\srv.sys
2008-08-28 10:04 333,056 ------w D:\WINDOWS\system32\dllcache\srv.sys
2008-08-19 09:30 18,432 ------w D:\WINDOWS\system32\dllcache\iedw.exe
2008-08-14 13:44 2,182,400 ----a-w D:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:44 2,182,400 ------w D:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-08-14 13:44 2,138,112 ------w D:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-08-14 13:44 2,059,776 ----a-w D:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 13:44 2,059,776 ------w D:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-08-14 13:44 2,017,792 ------w D:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-08-14 09:51 138,368 ------w D:\WINDOWS\system32\dllcache\afd.sys
2008-06-01 16:49 44,614 ----a-w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\mdb.bin
2008-03-18 17:15 3,858,985 ----a-w D:\Program Files\eMule0.48a-Installer.exe
2007-12-23 17:00 18,764,248 ----a-w D:\Program Files\setupfre.exe
2007-11-01 19:49 13,411,824 ----a-w D:\Program Files\Google_Earth_BZXD.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AnyDVD"="D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 2075584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" [2008-10-24 176177]
"F-Secure TNB"="D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2008-10-24 733184]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2008-01-31 385024]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

D:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
Microsoft Recherche accélérée.lnk - D:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1997-11-19 111376]
Démarrage d'Office.lnk - D:\Program Files\Microsoft Office\Office\OSA.EXE [1997-11-19 51984]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\beep.sys]
@="beep"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\eMule\\EMULE.EXE"=
"D:\\Program Files\\iTunes\\iTunes.exe"=

R3 SOFTXG;YAMAHA XG SoftSynthesizer;D:\WINDOWS\system32\drivers\sxgxgwdm.sys [2002-05-22 966784]
S1 F-Secure HIPS;F-Secure HIPS;D:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [ ]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [ ]
S4 F-Secure Filter;F-Secure File System Filter;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [ ]
S4 F-Secure Recognizer;F-Secure File System Recognizer;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [ ]
S4 FSFW;F-Secure Firewall Driver;D:\WINDOWS\system32\drivers\fsdfw.sys [ ]
.
Contenu du dossier 'Tâches planifiées'

2008-10-03 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.
- - - - ORPHELINS SUPPRIMES - - - -

ShellExecuteHooks-{9C0ADB68-353A-61DD-ED09-1D8003A611CB} - (no file)
Notify-WgaLogon - (no file)
MSConfigStartUp-WOOKIT - D:\PROGRA~1\WANADOO\Shell.exe
MSConfigStartUp-WOOTASKBARICON - D:\PROGRA~1\WANADOO\GestMaj.exe
MSConfigStartUp-WOOWATCH - D:\PROGRA~1\WANADOO\Watch.exe
.
------- Examen supplémentaire -------
.
FireFox -: Profile - D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\Mozilla\Firefox\Profiles\hr8abcv1.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.orange.fr/
FF -: plugin - D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - D:\Program Files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-24 22:42:29
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srosa]
.
Heure de fin: 2008-10-24 22:43:40
ComboFix2.txt 2008-06-16 16:40:48
ComboFix-quarantined-files.txt 2008-10-24 20:43:40

Avant-CF: 8,552,824,832 octets libres
Après-CF: 8,586,805,248 octets libres

475 --- E O F --- 2008-10-16 06:51:48
  10. ComboFix 08-10-24.02 - Admin 2008-10-24 22:39:53.6 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.367 [GMT 2:00]
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\m
D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\m\data.oct
D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\m\flec006.exe
D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\m\list.oct
D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\m\srvlist.oct
D:\WINDOWS\system32\ban_list.txt
D:\WINDOWS\system32\drivers\downld
D:\WINDOWS\system32\drivers\downld\79750.exe D:\WINDOWS\system32\drivers\downld\80109.exe D:\WINDOWS\system32\drivers\downld\80640.exe D:\WINDOWS\system32\drivers\downld\80718.exe D:\WINDOWS\system32\drivers\downld\82265.exe D:\WINDOWS\system32\drivers\downld\82375.exe D:\WINDOWS\system32\drivers\downld\82828.exe D:\WINDOWS\system32\drivers\downld\83328.exe D:\WINDOWS\system32\drivers\downld\83890.exe D:\WINDOWS\system32\drivers\downld\83921.exe D:\WINDOWS\system32\drivers\downld\84328.exe D:\WINDOWS\system32\drivers\downld\84703.exe D:\WINDOWS\system32\drivers\downld\86718.exe D:\WINDOWS\system32\drivers\downld\87296.exe D:\WINDOWS\system32\drivers\downld\88937.exe D:\WINDOWS\system32\drivers\downld\89390.exe D:\WINDOWS\system32\drivers\downld\89968.exe D:\WINDOWS\system32\drivers\downld\90500.exe D:\WINDOWS\system32\drivers\downld\91515.exe D:\WINDOWS\system32\drivers\downld\92562.exe D:\WINDOWS\system32\drivers\downld\92843.exe D:\WINDOWS\system32\drivers\downld\93000.exe D:\WINDOWS\system32\drivers\downld\93500.exe D:\WINDOWS\system32\drivers\downld\93687.exe D:\WINDOWS\system32\drivers\downld\94359.exe D:\WINDOWS\system32\drivers\downld\94921.exe D:\WINDOWS\system32\drivers\downld\95000.exe D:\WINDOWS\system32\drivers\downld\95828.exe D:\WINDOWS\system32\drivers\downld\95875.exe D:\WINDOWS\system32\drivers\downld\98296.exe D:\WINDOWS\system32\drivers\srosa.sys D:\WINDOWS\system32\drivers\winfilse.exe D:\WINDOWS\system32\mdelk.exe D:\WINDOWS\system32\wintems.exe F:\autorun.inf F:\nideiect.com G:\autorun.inf G:\nideiect.com . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SROSA -------\Legacy_SROSA ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-24 au 2008-10-24 )))))))))))))))))))))))))))))))))))) . 2008-10-24 21:46 . 2008-10-24 21:46 <REP> d--hs---- D:\FOUND.001 2008-10-21 20:00 . 2008-10-21 20:00 <REP> d--hs---- D:\FOUND.000 2008-10-06 22:20 . 
2008-10-06 22:20 0 --a------ D:\WINDOWS\nsreg.dat 2008-10-06 21:34 . 2008-10-06 21:34 <REP> d-------- D:\Program Files\SAGEM 2008-10-06 21:33 . 2008-10-06 21:33 <REP> d-------- D:\Program Files\Securitoo 2008-10-05 21:00 . 2008-09-08 23:38 88,576 --a------ D:\WINDOWS\system32\AntiXPVSTFix.exe 2008-10-05 21:00 . 2008-10-01 15:51 87,552 --a------ D:\WINDOWS\system32\VACFix.exe 2008-10-05 21:00 . 2008-09-19 12:26 82,944 --a------ D:\WINDOWS\system32\o4Patch.exe 2008-10-05 21:00 . 2008-05-18 21:40 82,944 --a------ D:\WINDOWS\system32\IEDFix.exe 2008-10-05 21:00 . 2008-09-19 12:26 82,944 --a------ D:\WINDOWS\system32\IEDFix.C.exe 2008-10-05 21:00 . 2008-08-18 12:19 82,432 --a------ D:\WINDOWS\system32\404Fix.exe 2008-10-05 20:59 . 2007-09-06 00:22 289,144 --a------ D:\WINDOWS\system32\VCCLSID.exe 2008-10-05 20:59 . 2006-04-27 17:49 288,417 --a------ D:\WINDOWS\system32\SrchSTS.exe 2008-10-05 20:59 . 2003-06-05 21:13 53,248 --a------ D:\WINDOWS\system32\Process.exe 2008-10-05 20:59 . 2004-07-31 18:50 51,200 --a------ D:\WINDOWS\system32\dumphive.exe 2008-10-05 20:59 . 2007-10-04 00:36 25,600 --a------ D:\WINDOWS\system32\WS2Fix.exe 2008-10-05 20:31 . 2008-10-05 21:00 1,696 --a------ D:\WINDOWS\system32\tmp.reg 2008-10-02 13:07 . 2008-10-02 13:07 116,740 --a------ D:\WINDOWS\system32\msxml71.0ll 2008-09-26 11:31 . 2008-09-26 11:31 8 --a------ D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\usb.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-09-15 15:39 1,846,144 ----a-w D:\WINDOWS\system32\win32k.sys 2008-09-15 15:39 1,846,144 ------w D:\WINDOWS\system32\dllcache\win32k.sys 2008-08-28 10:04 333,056 ----a-w D:\WINDOWS\system32\drivers\srv.sys 2008-08-28 10:04 333,056 ------w D:\WINDOWS\system32\dllcache\srv.sys 2008-08-19 09:30 18,432 ------w D:\WINDOWS\system32\dllcache\iedw.exe 2008-08-14 13:44 2,182,400 ----a-w D:\WINDOWS\system32\ntoskrnl.exe 2008-08-14 13:44 2,182,400 ------w D:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-08-14 13:44 2,138,112 ------w D:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2008-08-14 13:44 2,059,776 ----a-w D:\WINDOWS\system32\ntkrnlpa.exe 2008-08-14 13:44 2,059,776 ------w D:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2008-08-14 13:44 2,017,792 ------w D:\WINDOWS\system32\dllcache\ntkrpamp.exe 2008-08-14 09:51 138,368 ------w D:\WINDOWS\system32\dllcache\afd.sys 2008-06-01 16:49 44,614 ----a-w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\mdb.bin 2008-03-18 17:15 3,858,985 ----a-w D:\Program Files\eMule0.48a-Installer.exe 2007-12-23 17:00 18,764,248 ----a-w D:\Program Files\setupfre.exe 2007-11-01 19:49 13,411,824 ----a-w D:\Program Files\Google_Earth_BZXD.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "AnyDVD"="D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 2075584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" [2008-10-24 176177] "F-Secure TNB"="D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2008-10-24 733184] "QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2008-01-31 385024] "Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] D:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\ Microsoft Recherche accélérée.lnk - D:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1997-11-19 111376] Démarrage d'Office.lnk - D:\Program Files\Microsoft Office\Office\OSA.EXE [1997-11-19 51984] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\beep.sys] @="beep" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\eMule\\EMULE.EXE"= "D:\\Program Files\\iTunes\\iTunes.exe"= R3 SOFTXG;YAMAHA XG SoftSynthesizer;D:\WINDOWS\system32\drivers\sxgxgwdm.sys [2002-05-22 966784] S1 F-Secure HIPS;F-Secure HIPS;D:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [ ] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [ ] S4 F-Secure Filter;F-Secure File System Filter;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [ ] S4 F-Secure Recognizer;F-Secure File System Recognizer;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [ ] S4 FSFW;F-Secure Firewall Driver;D:\WINDOWS\system32\drivers\fsdfw.sys [ ] . Contenu du dossier 'Tâches planifiées' 2008-10-03 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job - D:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] . - - - - ORPHELINS SUPPRIMES - - - - ShellExecuteHooks-{9C0ADB68-353A-61DD-ED09-1D8003A611CB} - (no file) Notify-WgaLogon - (no file) MSConfigStartUp-WOOKIT - D:\PROGRA~1\WANADOO\Shell.exe MSConfigStartUp-WOOTASKBARICON - D:\PROGRA~1\WANADOO\GestMaj.exe MSConfigStartUp-WOOWATCH - D:\PROGRA~1\WANADOO\Watch.exe . ------- Examen supplémentaire ------- . FireFox -: Profile - D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\Mozilla\Firefox\Profiles\hr8abcv1.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.orange.fr/ FF -: plugin - D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll FF -: plugin - D:\Program Files\Yahoo!\Common\npyaxmpb.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-24 22:42:29 Windows 5.1.2600 Service Pack 2 FAT NTAPI Recherche de processus cachés ... 
Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srosa] . Heure de fin: 2008-10-24 22:43:40 ComboFix2.txt 2008-06-16 16:40:48 ComboFix-quarantined-files.txt 2008-10-24 20:43:40 Avant-CF: 8,552,824,832 octets libres Après-CF: 8,586,805,248 octets libres 475 --- E O F --- 2008-10-16 06:51:48
  11. Good evening again. Actually, I spoke too soon: Antivir won't install! It systematically asks me to reboot and reinstall it, but it always crashes at the same point! Thanks
  12. Good evening. Indeed, I get this message: "Win 32 n'est pas une application valide." Also, I have access to safe mode startup but I don't know how to do it; and finally, I have access to the Control Panel and My Computer, but you have to be patient, it is very slow. Apparently I was able to download Antivir. Awaiting your reply, thank you very much
  13. Hello, I have a big problem: I no longer have the icon for my antivirus (Firewall), and if I want to scan my folders, Firewall does not respond. In addition, when I click on the desktop icons (CCleaner and HijackThis), nothing responds; I tried to download and reinstall them: impossible. Can you help me? With my thanks, Musico
  14. There, the Orange browser is uninstalled. What should I do next? Thanks
  15. SmitFraudFix v2.356 Rapport fait à 21:00:34,71, 05/10/2008 Executé à partir de D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\Explorer.EXE D:\Program Files\Orange\Systray\SystrayApp.exe D:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE D:\PROGRA~1\WANADOO\TaskBarIcon.exe D:\Program Files\Orange\Launcher\Launcher.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe D:\PROGRA~1\WANADOO\GestionnaireInternet.exe D:\PROGRA~1\WANADOO\ComComp.exe D:\PROGRA~1\WANADOO\Toaster.exe D:\PROGRA~1\WANADOO\Inactivity.exe D:\PROGRA~1\WANADOO\PollingModule.exe D:\Program Files\Microsoft Office\Office\OSA.EXE D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe D:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE D:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe D:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE D:\WINDOWS\system32\svchost.exe D:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE D:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe D:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe D:\Program 
Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe D:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe D:\PROGRA~1\WANADOO\Watch.exe D:\Program Files\internet explorer\iexplore.exe D:\WINDOWS\system32\wuauclt.exe D:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» D:\ »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\Admin.XPSP2-8246C1C43 »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\ADMIN~1.XPS\FAVORIS »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» D:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
AntiXPVSTFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="D:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Intel® PRO/100 VE Network Connection - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{04C40AF3-1AA0-443B-B7AC-529C29CC3C2A}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{04C40AF3-1AA0-443B-B7AC-529C29CC3C2A}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{04C40AF3-1AA0-443B-B7AC-529C29CC3C2A}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Good evening, here is the 2nd report after restarting in safe mode. I hope I didn't do anything wrong! Thank you very much
  16. SmitFraudFix v2.356 Rapport fait à 20:31:12,28, 05/10/2008 Executé à partir de D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Orange\Systray\SystrayApp.exe D:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE D:\PROGRA~1\WANADOO\TaskBarIcon.exe D:\Program Files\Orange\Launcher\Launcher.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe D:\PROGRA~1\WANADOO\GestionnaireInternet.exe D:\PROGRA~1\WANADOO\ComComp.exe D:\PROGRA~1\WANADOO\Toaster.exe D:\PROGRA~1\WANADOO\Inactivity.exe D:\PROGRA~1\WANADOO\PollingModule.exe D:\Program Files\Microsoft Office\Office\OSA.EXE D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe D:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE D:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe D:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE D:\WINDOWS\system32\svchost.exe D:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe D:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE D:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe D:\Program Files\Fichiers 
communs\Ahead\Lib\NMIndexStoreSvr.exe D:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe D:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe D:\PROGRA~1\WANADOO\Watch.exe D:\WINDOWS\system32\wuauclt.exe D:\Program Files\iPod\bin\iPodService.exe D:\Program Files\internet explorer\iexplore.exe D:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» D:\ »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» D:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\Admin.XPSP2-8246C1C43 »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\ADMIN~1.XPS\FAVORIS »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» D:\Program Files D:\Program Files\sav\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! AntiXPVSTFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="D:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Intel® PRO/100 VE Network Connection - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{04C40AF3-1AA0-443B-B7AC-529C29CC3C2A}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{04C40AF3-1AA0-443B-B7AC-529C29CC3C2A}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{04C40AF3-1AA0-443B-B7AC-529C29CC3C2A}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  17. Hello, my PC is extremely slow (trojan?), can you help me? Attached is the HijackThis report. Thanking you, Regards Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:54:13, on 05/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Orange\Systray\SystrayApp.exe D:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE D:\PROGRA~1\WANADOO\TaskBarIcon.exe D:\Program Files\Orange\Launcher\Launcher.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe D:\PROGRA~1\WANADOO\GestionnaireInternet.exe D:\PROGRA~1\WANADOO\ComComp.exe D:\PROGRA~1\WANADOO\Toaster.exe D:\PROGRA~1\WANADOO\Inactivity.exe D:\PROGRA~1\WANADOO\PollingModule.exe D:\Program Files\Microsoft Office\Office\OSA.EXE D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe D:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE D:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe D:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE D:\WINDOWS\system32\svchost.exe D:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe D:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE D:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe D:\Program Files\Fichiers 
communs\Ahead\Lib\NMIndexStoreSvr.exe D:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe D:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe D:\PROGRA~1\WANADOO\Watch.exe D:\WINDOWS\system32\wuauclt.exe D:\Program Files\internet explorer\iexplore.exe D:\Program Files\internet explorer\iexplore.exe D:\Program Files\iTunes\iTunes.exe D:\Program Files\iPod\bin\iPodService.exe D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\WANADOO\SEARCH~1.DLL R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! 
Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - D:\WINDOWS\system32\msxml71.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: (no name) - {0939FF27-A717-4F67-96B5-555F9510F17F} - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [systrayORAHSS] "D:\Program Files\Orange\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] D:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [secureExpertCleanerDownloader] D:\Documents and Settings\Admin.XPSP2-8246C1C43\Local Settings\Temporary Internet Files\Content.IE5\2QE5DHGY\CleanerInstaller_fr[2].exe O4 - HKCU\..\Run: [WOOKIT] D:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AnyDVD] D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKCU\..\Run: [MSFox] D:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp\video232.cfg.exe O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 
'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - Global Startup: Microsoft Recherche accélérée.lnk = D:\Program Files\Microsoft Office\Office\FINDFAST.EXE O4 - Global Startup: Démarrage d'Office.lnk = D:\Program Files\Microsoft Office\Office\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Humour Toolbar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file) O9 - Extra 'Tools' menuitem: Humour Toolbar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file) O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://www.orange.fr O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1193861332750 O23 - Service: Apple Mobile Device - Apple, Inc. 
- D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - D:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- End of file - 8487 bytes
  18. Hello, here is the requested report. Thanks again.
Search Navipromo version 3.5.8 commencé le 17/06/2008 à 7:27:35,53
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis D:\Program Files\navilog1
Session actuelle : "Admin"
Mise à jour le 06.06.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : FAT32
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "D:\WINDOWS" ***
*** Recherche dossiers dans "D:\Program Files" ***
*** Recherche dossiers dans "d:\docume~1\alluse~1.win\applic~1" ***
*** Recherche dossiers dans "d:\docume~1\alluse~1.win\menudÉ~1\progra~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\Admin.XPSP2-8246C1C43\applic~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\Admin.XPSP2-8246C1C43\locals~1\applic~1" ***
*** Recherche dossiers dans "D:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "D:\Documents and Settings\Admin.XPSP2-8246C1C43\menud+~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "D:\WINDOWS\system32" *
* Recherche dans "D:\Documents and Settings\Admin.XPSP2-8246C1C43\locals~1\applic~1" *
* Recherche dans "D:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "D:\WINDOWS\system32" :
* Dans "D:\Documents and Settings\Admin.XPSP2-8246C1C43\locals~1\applic~1" :
* Dans "D:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 17/06/2008 à 7:30:25,59 ***
  19. Good evening, here is the Move It report, hoping that it will work! Thanks again.
File/Folder Code not found.
D:\WINDOWS\system32\wvUlmmjH.0ll moved successfully.
D:\WINDOWS\system32\jkkLDVNH.0ll moved successfully.
D:\WINDOWS\system32\2742944188.dat moved successfully.
D:\WINDOWS\system32\dcenysqq.0ll moved successfully.
D:\WINDOWS\system32\xxyATJdD.0ll moved successfully.
D:\WINDOWS\system32\ieupdates.exe.tmp moved successfully.
D:\WINDOWS\xkefqtgs.0ll moved successfully.
D:\WINDOWS\rtsplgob.0ll moved successfully.
D:\WINDOWS\esrt.0xe moved successfully.
D:\WINDOWS\pebgkxwq.0xe moved successfully.
File move failed. D:\WINDOWS\S90016F46.tmp scheduled to be moved on reboot.
< EmptyTemp >
File delete failed. D:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp\~DF4D6C.tmp scheduled to be deleted on reboot.
File delete failed. D:\WINDOWS\temp\nvcbin.def.AB37B891.TMP scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06162008_233457
Files moved on Reboot...
File move failed. D:\WINDOWS\S90016F46.tmp scheduled to be moved on reboot.
D:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp\~DF4D6C.tmp moved successfully.
D:\WINDOWS\temp\nvcbin.def.AB37B891.TMP moved successfully.
  20. Good evening, I redid the same operation, hoping that this time it will work. Thanks again. Here is the report: ComboFix 08-06-12.2 - Admin 2008-06-16 18:35:55.5 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.307 [GMT 2:00] Endroit: D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\combofix.exe Command switches used :: C:\CFScript[1].txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-05-16 to 2008-06-16 )))))))))))))))))))))))))))))))))))) . 2008-06-15 23:43 . 2008-06-15 23:46 1,374 --a------ D:\WINDOWS\imsins.BAK 2008-06-15 11:31 . 2008-04-14 17:52 272,768 --------- D:\WINDOWS\system32\drivers\bthport.sys 2008-06-15 11:31 . 2008-04-14 17:52 272,768 --------- D:\WINDOWS\system32\dllcache\bthport.sys 2008-06-15 11:30 . 2008-06-15 11:30 <REP> d-------- D:\Documents and Settings\Propriétaire 2008-06-15 11:30 . <REP> D:\Documents and Settings\Propriétaire\Local Settings 2008-06-14 11:18 . 2008-06-14 11:18 400 --a------ D:\WINDOWS\RPCD.ini 2008-06-13 21:00 . 2008-06-13 21:27 51,072 --a------ D:\WINDOWS\system32\drivers\fsdfw.sys 2008-06-13 21:00 . 2008-06-13 21:27 30,016 --a------ D:\WINDOWS\system32\drivers\fsndis5.sys 2008-06-13 20:58 . 2008-06-13 20:58 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure 2008-06-13 20:54 . 2008-06-13 20:54 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\fssg 2008-06-13 20:48 . 2008-06-13 20:48 32 --a-s---- D:\WINDOWS\system32\2742944188.dat 2008-06-13 12:09 . 2008-06-13 12:09 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion 2008-06-13 11:47 . 2008-06-13 11:47 <REP> d-------- D:\Program Files\Yahoo! 2008-06-13 11:46 . 2008-06-13 11:46 <REP> d-------- D:\Program Files\CCleaner 2008-06-13 09:59 . 
2008-06-13 09:59 93,056 --a------ D:\WINDOWS\system32\dcenysqq.0ll 2008-06-13 00:11 . 2008-06-13 00:11 <REP> d-------- D:\WINDOWS\system32\AlertModule 2008-06-12 23:22 . 2007-09-25 19:31 65,536 --a------ D:\WINDOWS\system32\Autodial2000.dll 2008-06-12 23:21 . 2008-06-12 23:21 <REP> d-------- D:\Program Files\Orange 2008-06-12 23:21 . 2003-09-23 11:38 34,688 --a------ D:\WINDOWS\system32\pcampr5.sys 2008-06-12 23:20 . 2008-06-12 23:20 <REP> d-------- D:\Program Files\Fichiers communs\France Telecom 2008-06-12 23:20 . 2003-03-19 04:05 89,088 --a------ D:\WINDOWS\system32\atl71.dll 2008-06-12 23:16 . 2008-06-12 23:16 <REP> d-------- D:\Program Files\SAGEM 2008-06-10 20:07 . 2008-06-10 20:07 322,432 --a------ D:\WINDOWS\system32\xxyATJdD.0ll 2008-06-10 16:11 . 2008-06-12 06:11 0 --a------ D:\WINDOWS\system32\ieupdates.exe.tmp 2008-06-10 15:22 . 2008-06-10 15:22 <REP> d-------- D:\Program Files\AbsoluteTransfer 2008-06-10 14:11 . 2008-06-10 14:11 <REP> d-------- D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\Nero 2008-06-10 13:39 . 2008-06-10 03:28 315,392 --a------ D:\WINDOWS\xkefqtgs.0ll 2008-06-10 13:39 . 2008-06-10 03:28 188,416 --a------ D:\WINDOWS\rtsplgob.0ll 2008-06-10 13:39 . 2008-06-10 03:28 176,128 --a------ D:\WINDOWS\esrt.0xe 2008-06-10 13:39 . 2008-06-10 03:28 143,360 --a------ D:\WINDOWS\pebgkxwq.0xe 2008-06-10 13:39 . 2008-06-10 13:39 29,312 --a------ D:\WINDOWS\system32\wvUlmmjH.0ll 2008-06-10 13:39 . 2008-06-10 13:40 29,312 --a------ D:\WINDOWS\system32\jkkLDVNH.0ll 2008-06-01 18:40 . 2008-06-01 18:40 <REP> d-------- D:\Program Files\PHOTOCITE Collection 2008-06-01 18:40 . 2008-06-01 18:49 44,614 --a------ D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\mdb.bin 2008-05-26 18:19 . 2008-05-26 18:19 <REP> d-------- D:\Program Files\eMule 2008-05-25 08:35 . 2008-06-16 18:21 182 --a------ D:\WINDOWS\NeroDigital.ini 2008-05-24 23:27 . 2008-05-24 23:27 <REP> d-------- D:\Program Files\MSXML 4.0 2008-05-23 22:56 . 
2008-05-23 22:56 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Elaborate Bytes 2008-05-23 15:52 . 2008-05-23 15:52 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\SlySoft 2008-05-23 15:50 . 2008-05-23 15:50 <REP> d-------- D:\Program Files\SlySoft 2008-05-23 15:46 . 2008-05-23 15:46 72 ---hs---- D:\WINDOWS\S90016F46.tmp 2008-05-23 15:45 . 2008-05-23 15:45 <REP> d-------- D:\Program Files\Elaborate Bytes 2008-05-23 15:16 . 2008-05-23 15:16 <REP> d-------- D:\Program Files\Nero 2008-05-23 15:16 . 2008-05-23 15:16 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Nero 2008-05-20 20:03 . 2008-05-20 20:03 <REP> d-------- D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\vlc 2008-05-20 19:31 . 2008-05-20 19:31 <REP> d-------- D:\Program Files\VideoLAN . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-08 12:28 202,752 ----a-w D:\WINDOWS\system32\drivers\RMCast.sys 2008-05-08 12:28 202,752 ------w D:\WINDOWS\system32\dllcache\rmcast.sys 2008-05-07 05:15 1,293,824 ----a-w D:\WINDOWS\system32\quartz.dll 2008-05-07 05:15 1,293,824 ------w D:\WINDOWS\system32\dllcache\quartz.dll 2008-04-19 20:38 --------- d-----w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\ItsLabel 2008-04-19 05:56 --------- d-----w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\EoRezo 2008-04-17 10:52 18,432 ------w D:\WINDOWS\system32\dllcache\iedw.exe 2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 621,344 ------w D:\WINDOWS\system32\dllcache\mswstr10.dll 2008-03-25 04:51 194,144 ----a-w D:\WINDOWS\system32\msjint40.dll 2008-03-25 04:51 194,144 ------w D:\WINDOWS\system32\dllcache\msjint40.dll 2008-03-20 08:09 1,845,376 ----a-w D:\WINDOWS\system32\win32k.sys 2008-03-20 08:09 1,845,376 ------w D:\WINDOWS\system32\dllcache\win32k.sys 2008-03-18 17:15 3,858,985 ----a-w 
D:\Program Files\eMule0.48a-Installer.exe 2007-12-23 17:00 18,764,248 ----a-w D:\Program Files\setupfre.exe 2007-11-21 10:41 2,044,091 ----a-w D:\Program Files\LimeWireAccelerationPatch_installer.exe 2007-11-01 19:49 13,411,824 ----a-w D:\Program Files\Google_Earth_BZXD.exe . ------- Sigcheck ------- 2007-10-30 18:20 360064 ecf02439fd31bbd0dbc2ec05600cf08a D:\WINDOWS\system32\drivers\tcpip.sys 2007-10-30 18:20 360064 ecf02439fd31bbd0dbc2ec05600cf08a D:\WINDOWS\system32\dllcache\tcpip.sys 2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 D:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys 2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 D:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys . ((((((((((((((((((((((((((((( snapshot_2008-06-16_15.49.11.39 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-16 13:47:10 2,048 --s-a-w D:\WINDOWS\bootstat.dat + 2008-06-16 16:38:10 2,048 --s-a-w D:\WINDOWS\bootstat.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="D:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872] "AnyDVD"="D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 07:42 2075584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SystrayORAHSS"="D:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 20:08 94208] "ORAHSSSessionManager"="D:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 19:10 102400] "WOOWATCH"="D:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480] "WOOTASKBARICON"="D:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768] "F-Secure Manager"="D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.exe" [2007-06-13 15:58 176177] "F-Secure TNB"="D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2007-06-13 15:57 733184] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\eMule\\EMULE.EXE"= "D:\\Program Files\\iTunes\\iTunes.exe"= "D:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"= R0 FSFW;F-Secure Firewall Driver;D:\WINDOWS\system32\drivers\fsdfw.sys [2008-06-13 21:27] R1 F-Secure HIPS;F-Secure HIPS;D:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [2008-06-13 21:24] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [2007-06-13 15:58] R3 SOFTXG;YAMAHA XG SoftSynthesizer;D:\WINDOWS\system32\drivers\sxgxgwdm.sys [2002-05-22 08:34] S4 F-Secure Filter;F-Secure File System Filter;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [2007-06-13 15:58] S4 F-Secure Recognizer;F-Secure File System Recognizer;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [2007-06-13 15:58] . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-06-06 05:34:10 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - D:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-16 18:38:34 Windows 5.1.2600 Service Pack 2 FAT NTAPI Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . 
D:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSGK32ST.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FSMA32.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSGK32.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\FRANCE TELECOM\SHARED MODULES\FTRTSVC\0\FTRTSVC.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\LIGHTSCRIBE\LSSRVC.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FSMB32.EXE D:\PROGRAM FILES\WANADOO\TASKBARICON.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FCH32.EXE D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE D:\WINDOWS\SYSTEM32\WDFMGR.EXE D:\PROGRAM FILES\ORANGE\LAUNCHER\LAUNCHER.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSQH.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FAMEH32.EXE D:\WINDOWS\SYSTEM32\ALERTMODULE\ALERTM~1.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSGUI\FSGUIDLL.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSAUA\PROGRAM\FSAUA.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\AHEAD\LIB\NMINDEXINGSERVICE.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSSM32.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FWES\PROGRAM\FSDFWD.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\AHEAD\LIB\NMINDEXSTORESVR.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSAUA\PROGRAM\FSUS.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe . ************************************************************************** . Temps d'accomplissement: 2008-06-16 18:40:46 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-16 16:40:40 ComboFix5.txt 2008-06-15 09:30:48 ComboFix4.txt 2008-06-15 14:05:00 ComboFix3.txt 2008-06-16 13:49:46 ComboFix2.txt 2008-06-16 14:04:06 Pre-Run: 8,152,907,776 octets libres Post-Run: 8,166,727,680 octets libres 188 --- E O F --- 2008-06-15 21:48:25
  21. Hi, thank you for your reply. Here is the latest CF script report: ComboFix 08-06-12.2 - Admin 2008-06-16 15:59:16.4 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.330 [GMT 2:00] Endroit: D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\combofix.exe Command switches used :: D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\CFScript[1].txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-05-16 to 2008-06-16 )))))))))))))))))))))))))))))))))))) . 2008-06-15 23:43 . 2008-06-15 23:46 1,374 --a------ D:\WINDOWS\imsins.BAK 2008-06-15 11:31 . 2008-04-14 17:52 272,768 --------- D:\WINDOWS\system32\drivers\bthport.sys 2008-06-15 11:31 . 2008-04-14 17:52 272,768 --------- D:\WINDOWS\system32\dllcache\bthport.sys 2008-06-15 11:30 . 2008-06-15 11:30 <REP> d-------- D:\Documents and Settings\Propriétaire 2008-06-15 11:30 . <REP> D:\Documents and Settings\Propriétaire\Local Settings 2008-06-14 11:18 . 2008-06-14 11:18 400 --a------ D:\WINDOWS\RPCD.ini 2008-06-13 21:00 . 2008-06-13 21:27 51,072 --a------ D:\WINDOWS\system32\drivers\fsdfw.sys 2008-06-13 21:00 . 2008-06-13 21:27 30,016 --a------ D:\WINDOWS\system32\drivers\fsndis5.sys 2008-06-13 20:58 . 2008-06-13 20:58 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure 2008-06-13 20:54 . 2008-06-13 20:54 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\fssg 2008-06-13 20:48 . 2008-06-13 20:48 32 --a-s---- D:\WINDOWS\system32\2742944188.dat 2008-06-13 12:09 . 2008-06-13 12:09 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion 2008-06-13 11:47 . 2008-06-13 11:47 <REP> d-------- D:\Program Files\Yahoo! 2008-06-13 11:46 . 2008-06-13 11:46 <REP> d-------- D:\Program Files\CCleaner 2008-06-13 09:59 . 
2008-06-13 09:59 93,056 --a------ D:\WINDOWS\system32\dcenysqq.0ll 2008-06-13 00:11 . 2008-06-13 00:11 <REP> d-------- D:\WINDOWS\system32\AlertModule 2008-06-12 23:22 . 2007-09-25 19:31 65,536 --a------ D:\WINDOWS\system32\Autodial2000.dll 2008-06-12 23:21 . 2008-06-12 23:21 <REP> d-------- D:\Program Files\Orange 2008-06-12 23:21 . 2003-09-23 11:38 34,688 --a------ D:\WINDOWS\system32\pcampr5.sys 2008-06-12 23:20 . 2008-06-12 23:20 <REP> d-------- D:\Program Files\Fichiers communs\France Telecom 2008-06-12 23:20 . 2003-03-19 04:05 89,088 --a------ D:\WINDOWS\system32\atl71.dll 2008-06-12 23:16 . 2008-06-12 23:16 <REP> d-------- D:\Program Files\SAGEM 2008-06-10 20:07 . 2008-06-10 20:07 322,432 --a------ D:\WINDOWS\system32\xxyATJdD.0ll 2008-06-10 16:11 . 2008-06-12 06:11 0 --a------ D:\WINDOWS\system32\ieupdates.exe.tmp 2008-06-10 15:22 . 2008-06-10 15:22 <REP> d-------- D:\Program Files\AbsoluteTransfer 2008-06-10 14:11 . 2008-06-10 14:11 <REP> d-------- D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\Nero 2008-06-10 13:39 . 2008-06-10 03:28 315,392 --a------ D:\WINDOWS\xkefqtgs.0ll 2008-06-10 13:39 . 2008-06-10 03:28 188,416 --a------ D:\WINDOWS\rtsplgob.0ll 2008-06-10 13:39 . 2008-06-10 03:28 176,128 --a------ D:\WINDOWS\esrt.0xe 2008-06-10 13:39 . 2008-06-10 03:28 143,360 --a------ D:\WINDOWS\pebgkxwq.0xe 2008-06-10 13:39 . 2008-06-10 13:39 29,312 --a------ D:\WINDOWS\system32\wvUlmmjH.0ll 2008-06-10 13:39 . 2008-06-10 13:40 29,312 --a------ D:\WINDOWS\system32\jkkLDVNH.0ll 2008-06-01 18:40 . 2008-06-01 18:40 <REP> d-------- D:\Program Files\PHOTOCITE Collection 2008-06-01 18:40 . 2008-06-01 18:49 44,614 --a------ D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\mdb.bin 2008-05-26 18:19 . 2008-05-26 18:19 <REP> d-------- D:\Program Files\eMule 2008-05-25 08:35 . 2008-06-12 22:05 182 --a------ D:\WINDOWS\NeroDigital.ini 2008-05-24 23:27 . 2008-05-24 23:27 <REP> d-------- D:\Program Files\MSXML 4.0 2008-05-23 22:56 . 
2008-05-23 22:56 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Elaborate Bytes 2008-05-23 15:52 . 2008-05-23 15:52 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\SlySoft 2008-05-23 15:50 . 2008-05-23 15:50 <REP> d-------- D:\Program Files\SlySoft 2008-05-23 15:46 . 2008-05-23 15:46 72 ---hs---- D:\WINDOWS\S90016F46.tmp 2008-05-23 15:45 . 2008-05-23 15:45 <REP> d-------- D:\Program Files\Elaborate Bytes 2008-05-23 15:16 . 2008-05-23 15:16 <REP> d-------- D:\Program Files\Nero 2008-05-23 15:16 . 2008-05-23 15:16 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Nero 2008-05-20 20:03 . 2008-05-20 20:03 <REP> d-------- D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\vlc 2008-05-20 19:31 . 2008-05-20 19:31 <REP> d-------- D:\Program Files\VideoLAN . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-08 12:28 202,752 ----a-w D:\WINDOWS\system32\drivers\RMCast.sys 2008-05-08 12:28 202,752 ------w D:\WINDOWS\system32\dllcache\rmcast.sys 2008-05-07 05:15 1,293,824 ----a-w D:\WINDOWS\system32\quartz.dll 2008-05-07 05:15 1,293,824 ------w D:\WINDOWS\system32\dllcache\quartz.dll 2008-04-19 20:38 --------- d-----w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\ItsLabel 2008-04-19 05:56 --------- d-----w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\EoRezo 2008-04-17 10:52 18,432 ------w D:\WINDOWS\system32\dllcache\iedw.exe 2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 621,344 ------w D:\WINDOWS\system32\dllcache\mswstr10.dll 2008-03-25 04:51 194,144 ----a-w D:\WINDOWS\system32\msjint40.dll 2008-03-25 04:51 194,144 ------w D:\WINDOWS\system32\dllcache\msjint40.dll 2008-03-20 08:09 1,845,376 ----a-w D:\WINDOWS\system32\win32k.sys 2008-03-20 08:09 1,845,376 ------w D:\WINDOWS\system32\dllcache\win32k.sys 2008-03-18 17:15 3,858,985 ----a-w 
D:\Program Files\eMule0.48a-Installer.exe 2007-12-23 17:00 18,764,248 ----a-w D:\Program Files\setupfre.exe 2007-11-21 10:41 2,044,091 ----a-w D:\Program Files\LimeWireAccelerationPatch_installer.exe 2007-11-01 19:49 13,411,824 ----a-w D:\Program Files\Google_Earth_BZXD.exe . ------- Sigcheck ------- 2007-10-30 18:20 360064 ecf02439fd31bbd0dbc2ec05600cf08a D:\WINDOWS\system32\drivers\tcpip.sys 2007-10-30 18:20 360064 ecf02439fd31bbd0dbc2ec05600cf08a D:\WINDOWS\system32\dllcache\tcpip.sys 2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 D:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys 2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 D:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys . ((((((((((((((((((((((((((((( snapshot_2008-06-16_15.49.11.39 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-16 13:47:10 2,048 --s-a-w D:\WINDOWS\bootstat.dat + 2008-06-16 14:01:32 2,048 --s-a-w D:\WINDOWS\bootstat.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOKIT"="D:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872] "AnyDVD"="D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 07:42 2075584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SystrayORAHSS"="D:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 20:08 94208] "ORAHSSSessionManager"="D:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 19:10 102400] "WOOWATCH"="D:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480] "WOOTASKBARICON"="D:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768] "F-Secure Manager"="D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.exe" [2007-06-13 15:58 176177] "F-Secure TNB"="D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2007-06-13 15:57 733184] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoDesktopCleanupWizard"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "NoAutoUpdate"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\eMule\\EMULE.EXE"= "D:\\Program Files\\iTunes\\iTunes.exe"= "D:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"= R0 FSFW;F-Secure Firewall Driver;D:\WINDOWS\system32\drivers\fsdfw.sys [2008-06-13 21:27] R1 F-Secure HIPS;F-Secure HIPS;D:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [2008-06-13 21:24] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [2007-06-13 15:58] R3 SOFTXG;YAMAHA XG SoftSynthesizer;D:\WINDOWS\system32\drivers\sxgxgwdm.sys [2002-05-22 08:34] S4 F-Secure Filter;F-Secure File System Filter;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [2007-06-13 15:58] S4 F-Secure Recognizer;F-Secure File System Recognizer;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [2007-06-13 15:58] . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-06-06 05:34:10 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - D:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-16 16:01:55 Windows 5.1.2600 Service Pack 2 FAT NTAPI Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . 
D:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSGK32ST.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSGK32.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FSMA32.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\FRANCE TELECOM\SHARED MODULES\FTRTSVC\0\FTRTSVC.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FSMB32.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\LIGHTSCRIBE\LSSRVC.EXE D:\PROGRAM FILES\WANADOO\TASKBARICON.EXE D:\WINDOWS\SYSTEM32\ALERTMODULE\ALERTM~1.EXE D:\PROGRAM FILES\ORANGE\LAUNCHER\LAUNCHER.EXE D:\PROGRAM FILES\WANADOO\GESTIONNAIREINTERNET.EXE D:\PROGRAM FILES\WANADOO\COMCOMP.EXE D:\PROGRAM FILES\WANADOO\TOASTER.EXE D:\PROGRAM FILES\WANADOO\INACTIVITY.EXE D:\PROGRAM FILES\WANADOO\POLLINGMODULE.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FCH32.EXE D:\WINDOWS\SYSTEM32\WDFMGR.EXE D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FAMEH32.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSQH.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSGUI\FSGUIDLL.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\AHEAD\LIB\NMINDEXINGSERVICE.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSAUA\PROGRAM\FSAUA.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSSM32.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FWES\PROGRAM\FSDFWD.EXE D:\PROGRAM FILES\FICHIERS COMMUNS\AHEAD\LIB\NMINDEXSTORESVR.EXE D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSAUA\PROGRAM\FSUS.EXE D:\PROGRAM FILES\WANADOO\WATCH.EXE D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe . ************************************************************************** . 
Temps d'accomplissement: 2008-06-16 16:04:04 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-16 14:04:00 ComboFix4.txt 2008-06-15 09:30:48 ComboFix3.txt 2008-06-15 14:05:00 ComboFix2.txt 2008-06-16 13:49:46 Pre-Run: 8,211,865,600 octets libres Post-Run: 8,211,488,768 octets libres 193 --- E O F --- 2008-06-15 21:48:25
  22. Hi, here are the two reports you asked me for: The Combofix report ComboFix 08-06-12.2 - Admin 2008-06-15 15:59:36.2 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.314 [GMT 2:00] Endroit: D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\combofix.exe Command switches used :: D:\Documents and Settings\Admin.XPSP2-8246C1C43\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . D:\FOUND.012 D:\FOUND.012\FILE0000.CHK D:\FOUND.012\FILE0001.CHK D:\FOUND.012\FILE0002.CHK D:\FOUND.012\FILE0003.CHK D:\FOUND.012\FILE0004.CHK D:\FOUND.012\FILE0005.CHK D:\FOUND.012\FILE0006.CHK D:\FOUND.012\FILE0007.CHK D:\FOUND.012\FILE0008.CHK D:\FOUND.012\FILE0009.CHK D:\FOUND.012\FILE0010.CHK D:\FOUND.012\FILE0011.CHK D:\FOUND.012\FILE0012.CHK D:\FOUND.012\FILE0013.CHK D:\FOUND.012\FILE0014.CHK D:\FOUND.012\FILE0015.CHK D:\FOUND.012\FILE0016.CHK D:\FOUND.012\FILE0017.CHK D:\FOUND.012\FILE0018.CHK D:\FOUND.013 D:\FOUND.013\FILE0000.CHK D:\FOUND.013\FILE0001.CHK D:\FOUND.013\FILE0002.CHK D:\FOUND.013\FILE0003.CHK D:\FOUND.013\FILE0004.CHK D:\Program Files\AskTBar D:\Program Files\AskTBar\bar\Cache\00072950 D:\Program Files\AskTBar\bar\Cache\003E286A.bin D:\Program Files\AskTBar\bar\Cache\003E2AFA.bin D:\Program Files\AskTBar\bar\Cache\003E2CFE.bin D:\Program Files\AskTBar\bar\Cache\files.ini D:\Program Files\AskTBar\bar\History\search2 D:\Program Files\AskTBar\bar\Settings\prevcfg2.htm D:\Program Files\AskTBar\PopSwatr\History\allowed D:\Program Files\AskTBar\PopSwatr\History\notallow D:\Program Files\EoRezo D:\Program Files\EoRezo\EoAdv\eoAdv.url D:\WINDOWS\temp-rp D:\WINDOWS\temp-rp\RPCD.conf . ((((((((((((((((((((((((((((( Fichiers créés 2008-05-15 to 2008-06-15 )))))))))))))))))))))))))))))))))))) . 2008-06-15 11:30 . 
2008-06-15 11:30 <REP> d-------- D:\Documents and Settings\Propriétaire 2008-06-15 11:30 . <REP> D:\Documents and Settings\PropriÚtaire\Local Settings 2008-06-14 11:18 . 2008-06-14 11:18 400 --a------ D:\WINDOWS\RPCD.ini 2008-06-13 21:00 . 2008-06-13 21:27 51,072 --a------ D:\WINDOWS\system32\drivers\fsdfw.sys 2008-06-13 21:00 . 2008-06-13 21:27 30,016 --a------ D:\WINDOWS\system32\drivers\fsndis5.sys 2008-06-13 20:58 . 2008-06-13 20:58 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure 2008-06-13 20:54 . 2008-06-13 20:54 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\fssg 2008-06-13 20:48 . 2008-06-13 20:48 32 --a-s---- D:\WINDOWS\system32\2742944188.dat 2008-06-13 12:09 . 2008-06-13 12:09 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion 2008-06-13 11:47 . 2008-06-13 11:47 <REP> d-------- D:\Program Files\Yahoo! 2008-06-13 11:46 . 2008-06-13 11:46 <REP> d-------- D:\Program Files\CCleaner 2008-06-13 09:59 . 2008-06-13 09:59 93,056 --a------ D:\WINDOWS\system32\dcenysqq.0ll 2008-06-13 00:11 . 2008-06-13 00:11 <REP> d-------- D:\WINDOWS\system32\AlertModule 2008-06-12 23:22 . 2007-09-25 19:31 65,536 --a------ D:\WINDOWS\system32\Autodial2000.dll 2008-06-12 23:21 . 2008-06-12 23:21 <REP> d-------- D:\Program Files\Orange 2008-06-12 23:21 . 2003-09-23 11:38 34,688 --a------ D:\WINDOWS\system32\pcampr5.sys 2008-06-12 23:20 . 2008-06-12 23:20 <REP> d-------- D:\Program Files\Fichiers communs\France Telecom 2008-06-12 23:20 . 2003-03-19 04:05 89,088 --a------ D:\WINDOWS\system32\atl71.dll 2008-06-12 23:16 . 2008-06-12 23:16 <REP> d-------- D:\Program Files\SAGEM 2008-06-10 20:07 . 2008-06-10 20:07 322,432 --a------ D:\WINDOWS\system32\xxyATJdD.0ll 2008-06-10 16:11 . 2008-06-12 06:11 0 --a------ D:\WINDOWS\system32\ieupdates.exe.tmp 2008-06-10 15:22 . 2008-06-10 15:22 <REP> d-------- D:\Program Files\AbsoluteTransfer 2008-06-10 14:11 . 
2008-06-10 14:11 <REP> d-------- D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\Nero 2008-06-10 13:39 . 2008-06-10 03:28 315,392 --a------ D:\WINDOWS\xkefqtgs.0ll 2008-06-10 13:39 . 2008-06-10 03:28 188,416 --a------ D:\WINDOWS\rtsplgob.0ll 2008-06-10 13:39 . 2008-06-10 03:28 176,128 --a------ D:\WINDOWS\esrt.0xe 2008-06-10 13:39 . 2008-06-10 03:28 143,360 --a------ D:\WINDOWS\pebgkxwq.0xe 2008-06-10 13:39 . 2008-06-10 13:39 29,312 --a------ D:\WINDOWS\system32\wvUlmmjH.0ll 2008-06-10 13:39 . 2008-06-10 13:40 29,312 --a------ D:\WINDOWS\system32\jkkLDVNH.0ll 2008-06-01 18:40 . 2008-06-01 18:40 <REP> d-------- D:\Program Files\PHOTOCITE Collection 2008-06-01 18:40 . 2008-06-01 18:49 44,614 --a------ D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\mdb.bin 2008-05-26 18:19 . 2008-05-26 18:19 <REP> d-------- D:\Program Files\eMule 2008-05-25 08:35 . 2008-06-12 22:05 182 --a------ D:\WINDOWS\NeroDigital.ini 2008-05-24 23:27 . 2008-05-24 23:27 <REP> d-------- D:\Program Files\MSXML 4.0 2008-05-23 22:56 . 2008-05-23 22:56 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Elaborate Bytes 2008-05-23 15:52 . 2008-05-23 15:52 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\SlySoft 2008-05-23 15:50 . 2008-05-23 15:50 <REP> d-------- D:\Program Files\SlySoft 2008-05-23 15:46 . 2008-05-23 15:46 72 ---hs---- D:\WINDOWS\S90016F46.tmp 2008-05-23 15:45 . 2008-05-23 15:45 <REP> d-------- D:\Program Files\Elaborate Bytes 2008-05-23 15:16 . 2008-05-23 15:16 <REP> d-------- D:\Program Files\Nero 2008-05-23 15:16 . 2008-05-23 15:16 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS\Application Data\Nero 2008-05-20 20:03 . 2008-05-20 20:03 <REP> d-------- D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\vlc 2008-05-20 19:31 . 2008-05-20 19:31 <REP> d-------- D:\Program Files\VideoLAN . 
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 20:38 --------- d-----w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\ItsLabel
2008-04-19 05:56 --------- d-----w D:\Documents and Settings\Admin.XPSP2-8246C1C43\Application Data\EoRezo
2008-03-25 04:51 621,344 ----a-w D:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ------w D:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w D:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ------w D:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w D:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w D:\WINDOWS\system32\dllcache\win32k.sys
2008-03-18 17:15 3,858,985 ----a-w D:\Program Files\eMule0.48a-Installer.exe
2007-12-23 17:00 18,764,248 ----a-w D:\Program Files\setupfre.exe
2007-11-21 10:41 2,044,091 ----a-w D:\Program Files\LimeWireAccelerationPatch_installer.exe
2007-11-01 19:49 13,411,824 ----a-w D:\Program Files\Google_Earth_BZXD.exe
.
------- Sigcheck -------
2007-10-30 18:20 360064 ecf02439fd31bbd0dbc2ec05600cf08a D:\WINDOWS\system32\drivers\tcpip.sys
2007-10-30 18:20 360064 ecf02439fd31bbd0dbc2ec05600cf08a D:\WINDOWS\system32\dllcache\tcpip.sys
2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 D:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 D:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-06-15_11.30.19.65 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-15 09:28:24 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2008-06-15 14:02:20 2,048 --s-a-w D:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="D:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"AnyDVD"="D:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 07:42 2075584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystrayORAHSS"="D:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 20:08 94208]
"ORAHSSSessionManager"="D:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 19:10 102400]
"WOOWATCH"="D:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="D:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768]
"F-Secure Manager"="D:\Program Files\Orange\AntivirusFirewall\Common\FSM32.exe" [2007-06-13 15:58 176177]
"F-Secure TNB"="D:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2007-06-13 15:57 733184]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\eMule\\EMULE.EXE"=
"D:\\Program Files\\iTunes\\iTunes.exe"=
"D:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=

R0 FSFW;F-Secure Firewall Driver;D:\WINDOWS\system32\drivers\fsdfw.sys [2008-06-13 21:27]
R1 F-Secure HIPS;F-Secure HIPS;D:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [2008-06-13 21:24]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [2007-06-13 15:58]
R3 SOFTXG;YAMAHA XG SoftSynthesizer;D:\WINDOWS\system32\drivers\sxgxgwdm.sys [2002-05-22 08:34]
S4 F-Secure Filter;F-Secure File System Filter;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [2007-06-13 15:58]
S4 F-Secure Recognizer;F-Secure File System Recognizer;D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [2007-06-13 15:58]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-06 05:34:10 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-15 16:02:47
Windows 5.1.2600 Service Pack 2 FAT NTAPI
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
D:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSGK32ST.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSGK32.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FSMA32.EXE
D:\PROGRAM FILES\FICHIERS COMMUNS\FRANCE TELECOM\SHARED MODULES\FTRTSVC\0\FTRTSVC.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FSMB32.EXE
D:\PROGRAM FILES\FICHIERS COMMUNS\LIGHTSCRIBE\LSSRVC.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FCH32.EXE
D:\WINDOWS\SYSTEM32\WDFMGR.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\COMMON\FAMEH32.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSQH.EXE
D:\PROGRAM FILES\WANADOO\TASKBARICON.EXE
D:\PROGRAM FILES\ORANGE\LAUNCHER\LAUNCHER.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSGUI\FSGUIDLL.EXE
D:\WINDOWS\SYSTEM32\ALERTMODULE\ALERTM~1.EXE
D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSAUA\PROGRAM\FSAUA.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FWES\PROGRAM\FSDFWD.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\ANTI-VIRUS\FSSM32.EXE
D:\PROGRAM FILES\FICHIERS COMMUNS\AHEAD\LIB\NMINDEXINGSERVICE.EXE
D:\PROGRAM FILES\FICHIERS COMMUNS\AHEAD\LIB\NMINDEXSTORESVR.EXE
D:\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSAUA\PROGRAM\FSUS.EXE
D:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-15 16:04:57 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-15 14:04:50
ComboFix2.txt 2008-06-15 09:30:48
Pre-Run: 9,760,448,512 octets libres
Post-Run: 9,813,778,432 octets libres

The Kaspersky report

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, June 15, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, June 15, 2008 14:57:52
Records in database: 867406
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
Scan statistics:
Files scanned: 91264
Threat name: 12
Infected objects: 63
Suspicious objects: 0
Duration of the scan: 01:14:31

File name / Threat name / Threats count
D:\WINDOWS\system32\wvUlmmjH.0ll Infected: Trojan.Win32.Monderb.gen 1
D:\WINDOWS\system32\dcenysqq.0ll Infected: Trojan.Win32.Monderb.gen 1
D:\WINDOWS\system32\jkkLDVNH.0ll Infected: Trojan.Win32.Monderb.gen 1
D:\WINDOWS\system32\xxyATJdD.0ll Infected: Trojan.Win32.Monderb.gen 1
D:\WINDOWS\rtsplgob.0ll Infected: Trojan.Win32.Vapsup.goh 1
D:\WINDOWS\xkefqtgs.0ll Infected: Trojan.Win32.Vapsup.gkq 1
D:\WINDOWS\esrt.0xe Infected: Trojan.Win32.Vapsup.glt 1
D:\WINDOWS\pebgkxwq.0xe Infected: Trojan.Win32.Vapsup.glu 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP191\A0039826.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP192\snapshot\MFEX-1.DAT Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0039872.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0039885.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0039908.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0040908.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0041908.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0042002.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0042036.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0042049.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0042060.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0043060.0ll Infected: Trojan-Downloader.Win32.Mutant.afj 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0043124.0ll Infected: Trojan-Downloader.Win32.Mutant.afj 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0043125.0LL Infected: Trojan.Win32.Monderb.gen 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP193\A0043154.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP195\A0043217.0ll Infected: Trojan.Win32.Monderb.gen 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP195\A0043218.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0045846.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0045865.0ll Infected: Trojan-Downloader.Win32.Mutant.afm 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0045866.0LL Infected: Trojan.Win32.Monderb.gen 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0045881.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0046865.0ll Infected: Trojan-Downloader.Win32.Mutant.afm 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0046873.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0046887.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0046896.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0047887.0ll Infected: Trojan.Win32.Monderb.gen 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0047888.0ll Infected: Trojan-Downloader.Win32.Mutant.afm 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0048894.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0049371.0ll Infected: Trojan-Downloader.Win32.Mutant.afm 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP196\A0049377.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\snapshot\MFEX-1.DAT Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0049522.dll Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0049550.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050522.dll Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050530.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050624.0LL Infected: Trojan.Win32.Monderb.gen 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050630.0ll Infected: Trojan-Downloader.Win32.Mutant.aea 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050635.0ys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050645.0ll Infected: Trojan.Win32.Vapsup.goh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050651.dll Infected: Trojan.Win32.Vapsup.gkq 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050652.exe Infected: Trojan.Win32.Vapsup.glt 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050653.exe Infected: Trojan.Win32.Vapsup.glu 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050654.dll Infected: Trojan.Win32.Monderb.gen 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050655.exe Infected: not-a-virus:FraudTool.Win32.WinSpywareProtect.u 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050656.exe Infected: not-a-virus:RiskTool.Win32.HideWindows 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050663.dll Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050668.sys Infected: Trojan-Dropper.Win32.Agent.son 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP197\A0050700.dll Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP198\snapshot\MFEX-1.DAT Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP198\A0050726.dll Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP199\snapshot\MFEX-1.DAT Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\System Volume Information\_restore{767B9DC2-1E20-4405-9DDA-F0F073E0221C}\RP199\A0050777.dll Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\QooBox\Quarantine\D\WINDOWS\system32\WinCtrl32.dl_.vir Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\QooBox\Quarantine\D\WINDOWS\system32\WinCtrl32.dll.vir Infected: Trojan-Downloader.Win32.Mutant.agh 1
D:\QooBox\Quarantine\catchme2008-06-15_112633,65.zip Infected: Trojan-Dropper.Win32.Agent.son 1

The selected area was scanned.
220 --- E O F --- 2008-05-24 21:28:02

Thank you for your help