

(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
Thanks again. Have a good evening.
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
Good evening FALKRA, the evil has been eradicated! Can we close the topic?
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
OK, see you tomorrow. Have a good evening.
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
Apparently it's all good! Thanks for the work.
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
Since the message appears at random, I'm taking a little time before replying to you.
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:13:58, on 06/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\carpserv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\MAISON\Mes documents\Télécharger\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? 
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207945939380 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1207947569712 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir 
Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 6363 bytes -
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:02:17, on 06/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Documents and Settings\All Users\Application Data\xspulitk\xkdyzivi.exe C:\WINDOWS\system32\carpserv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\MAISON\Mes documents\Télécharger\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - 
HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ApiWinApl] C:\WINDOWS\system32\upkjojup.exe O4 - HKLM\..\Policies\Explorer\Run: [xzWdY96kaI] C:\Documents and Settings\All Users\Application Data\xspulitk\xkdyzivi.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? 
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207945939380 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1207947569712 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O21 - SSODL: srvwebmnt - 
{17FC2BCE-C668-D5C8-B25D-0530A7B91708} - C:\Program Files\xdaeptd\srvwebmnt.dll (file missing) O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 6616 bytes -
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
--------------------\\ Lop S&D 4.2.4-1 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : mobile AMD Athlon XP2500+ ) BIOS : PhoenixBIOS 4.0 Release 6.0 USER : MAISON ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated) "C:\Lop SD" ( MAJ : 06-09-2008|22:02 ) Option : [4] ( 06/09/2008|22:53 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script Code C:\WINDOWS\system32\upkjojup.exe C:\Documents and Settings\All Users\Application Data\xspulitk C:\Program Files\xdaeptd \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\WINDOWS\system32\upkjojup.exe Supprime! - C:\Documents and Settings\All Users\Application Data\xspulitk Supprime! - C:\Program Files\xdaeptd Supprime! - C:\DOCUME~1\MAISON\LOCALS~1\Temp\nspA.tmp - [ Fichier Hosts ] .. Restaure! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [13/08/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [17/08/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [01/09/2008|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [02/05/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM [02/05/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail [15/08/2008|13:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files [10/08/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier [10/08/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [20/04/2008|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [14/08/2008|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [13/08/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [18/04/2008|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline [15/08/2008|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [06/09/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [26/04/2008|23:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software [29/08/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks [11/04/2008|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage 
[25/08/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [11/04/2008|22:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [25/08/2008|18:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [20/04/2008|13:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [20/04/2008|23:03] C:\DOCUME~1\MAISON\APPLIC~1\Adobe [01/09/2008|22:49] C:\DOCUME~1\MAISON\APPLIC~1\AVS4YOU [15/08/2008|01:51] C:\DOCUME~1\MAISON\APPLIC~1\Comodo [29/08/2008|17:41] C:\DOCUME~1\MAISON\APPLIC~1\FileZilla [21/04/2008|21:29] C:\DOCUME~1\MAISON\APPLIC~1\Help [11/04/2008|22:16] C:\DOCUME~1\MAISON\APPLIC~1\Identities [11/04/2008|23:25] C:\DOCUME~1\MAISON\APPLIC~1\Macromedia [10/08/2008|15:39] C:\DOCUME~1\MAISON\APPLIC~1\Malwarebytes [13/04/2008|23:36] C:\DOCUME~1\MAISON\APPLIC~1\Media Player Classic [05/06/2008|18:35] C:\DOCUME~1\MAISON\APPLIC~1\Microsoft [26/04/2008|23:21] C:\DOCUME~1\MAISON\APPLIC~1\TuneUp Software [29/08/2008|13:47] C:\DOCUME~1\MAISON\APPLIC~1\TVU Networks [26/05/2008|00:38] C:\DOCUME~1\MAISON\APPLIC~1\Voxmobili [12/04/2008|11:26] C:\DOCUME~1\MAISON\APPLIC~1\Windows Desktop Search [11/04/2008|23:34] C:\DOCUME~1\MAISON\APPLIC~1\WinRAR [26/04/2008|21:32] C:\DOCUME~1\MAISON\APPLIC~1\wxMozze [15/04/2008|18:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [06/09/2008 22:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job [06/09/2008 21:34][--ah-----] C:\WINDOWS\tasks\SA.DAT [07/09/2002 02:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [12/08/2008|01:45] C:\Program Files\7-Zip [13/08/2008|20:23] C:\Program Files\Adobe [11/04/2008|23:13] C:\Program Files\Alwil Software [14/04/2008|19:57] C:\Program Files\ATI Technologies [17/08/2008|14:05] C:\Program Files\Avira [01/09/2008|08:14] C:\Program Files\AviSynth 2.5 [06/09/2008|22:06] C:\Program Files\AVS4YOU [01/09/2008|08:13] C:\Program Files\BatchDPG [10/08/2008|15:34] C:\Program Files\CCleaner [15/08/2008|01:51] C:\Program Files\COMODO 
[11/04/2008|22:00] C:\Program Files\ComPlus Applications [14/04/2008|18:25] C:\Program Files\CONEXANT [04/09/2008|22:16] C:\Program Files\eMule [26/04/2008|21:31] C:\Program Files\Evermore [01/09/2008|22:43] C:\Program Files\Fichiers communs [26/05/2008|00:37] C:\Program Files\InstallShield Installation Information [14/08/2008|03:03] C:\Program Files\Internet Explorer [16/08/2008|14:16] C:\Program Files\IZArc [13/08/2008|20:33] C:\Program Files\Java [13/04/2008|23:32] C:\Program Files\K-Lite Codec Pack [06/09/2008|22:20] C:\Program Files\Malwarebytes' Anti-Malware [13/04/2008|23:16] C:\Program Files\MediaInfo [03/09/2008|19:24] C:\Program Files\Messenger [11/04/2008|22:05] C:\Program Files\microsoft frontpage [12/04/2008|10:24] C:\Program Files\Microsoft Office [12/04/2008|10:24] C:\Program Files\Microsoft Visual Studio [12/04/2008|10:24] C:\Program Files\Microsoft Works [03/09/2008|19:23] C:\Program Files\Movie Maker [12/04/2008|10:24] C:\Program Files\MSBuild [11/04/2008|22:00] C:\Program Files\MSN [11/04/2008|21:59] C:\Program Files\MSN Gaming Zone [03/09/2008|19:15] C:\Program Files\NetMeeting [06/09/2008|22:07] C:\Program Files\Neuf [13/08/2008|20:39] C:\Program Files\NOS [26/05/2008|00:37] C:\Program Files\Orange [03/09/2008|20:03] C:\Program Files\Outlook Express [11/04/2008|22:00] C:\Program Files\Services en ligne [18/04/2008|17:39] C:\Program Files\Skyline [15/08/2008|14:00] C:\Program Files\Spybot - Search & Destroy [05/09/2008|19:53] C:\Program Files\TuneUp Utilities 2008 [11/04/2008|22:16] C:\Program Files\Uninstall Information [12/08/2008|22:35] C:\Program Files\vvfrauf [12/04/2008|11:24] C:\Program Files\Windows Desktop Search [22/04/2008|22:03] C:\Program Files\Windows Live [04/07/2008|11:59] C:\Program Files\Windows Live Safety Center [20/04/2008|12:58] C:\Program Files\Windows Media Connect 2 [03/09/2008|19:15] C:\Program Files\Windows Media Player [03/09/2008|19:15] C:\Program Files\Windows NT [11/04/2008|22:00] C:\Program Files\WindowsUpdate 
[11/04/2008|22:05] C:\Program Files\xerox --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [13/08/2008|20:24] C:\Program Files\Fichiers communs\Adobe [01/09/2008|22:44] C:\Program Files\Fichiers communs\AVSMedia [12/04/2008|10:24] C:\Program Files\Fichiers communs\DESIGNER [26/05/2008|00:33] C:\Program Files\Fichiers communs\InstallShield [13/08/2008|20:31] C:\Program Files\Fichiers communs\Java [01/09/2008|22:43] C:\Program Files\Fichiers communs\Microsoft Shared [11/04/2008|22:01] C:\Program Files\Fichiers communs\MSSoap [11/04/2008|20:53] C:\Program Files\Fichiers communs\ODBC [11/04/2008|22:01] C:\Program Files\Fichiers communs\Services [11/04/2008|20:53] C:\Program Files\Fichiers communs\SpeechEngines [03/09/2008|20:03] C:\Program Files\Fichiers communs\System [15/04/2008|10:44] C:\Program Files\Fichiers communs\WindowsLiveInstaller [26/04/2008|23:19] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 31 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-06 22:55:06 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 2 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 
[F:16][D:3]-> C:\DOCUME~1\MAISON\LOCALS~1\Temp [F:31][D:0]-> C:\DOCUME~1\MAISON\Cookies [F:891][D:8]-> C:\DOCUME~1\MAISON\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 06/09/2008|22:40 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 06/09/2008|22:56 - Option : [4] --------------------\\ Fin du rapport a 22:56:00 -
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
--------------------\\ Lop S&D 4.2.4-1 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : mobile AMD Athlon XP2500+ ) BIOS : PhoenixBIOS 4.0 Release 6.0 USER : MAISON ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated) "C:\Lop SD" ( MAJ : 06-09-2008|22:02 ) Option : [1] ( 06/09/2008|22:38 ) --------------------\\ Listing des dossiers dans APPLIC~1 [13/08/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [17/08/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [01/09/2008|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [02/05/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM [02/05/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail [15/08/2008|13:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files [10/08/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier [10/08/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [20/04/2008|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [14/08/2008|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [13/08/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [18/04/2008|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline [15/08/2008|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [06/09/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [26/04/2008|23:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software [29/08/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks [11/04/2008|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [25/08/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [04/09/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xspulitk [11/04/2008|22:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [25/08/2008|18:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [20/04/2008|13:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [20/04/2008|23:03] C:\DOCUME~1\MAISON\APPLIC~1\Adobe [01/09/2008|22:49] C:\DOCUME~1\MAISON\APPLIC~1\AVS4YOU [15/08/2008|01:51] C:\DOCUME~1\MAISON\APPLIC~1\Comodo [29/08/2008|17:41] 
C:\DOCUME~1\MAISON\APPLIC~1\FileZilla [21/04/2008|21:29] C:\DOCUME~1\MAISON\APPLIC~1\Help [11/04/2008|22:16] C:\DOCUME~1\MAISON\APPLIC~1\Identities [11/04/2008|23:25] C:\DOCUME~1\MAISON\APPLIC~1\Macromedia [10/08/2008|15:39] C:\DOCUME~1\MAISON\APPLIC~1\Malwarebytes [13/04/2008|23:36] C:\DOCUME~1\MAISON\APPLIC~1\Media Player Classic [05/06/2008|18:35] C:\DOCUME~1\MAISON\APPLIC~1\Microsoft [26/04/2008|23:21] C:\DOCUME~1\MAISON\APPLIC~1\TuneUp Software [29/08/2008|13:47] C:\DOCUME~1\MAISON\APPLIC~1\TVU Networks [26/05/2008|00:38] C:\DOCUME~1\MAISON\APPLIC~1\Voxmobili [12/04/2008|11:26] C:\DOCUME~1\MAISON\APPLIC~1\Windows Desktop Search [11/04/2008|23:34] C:\DOCUME~1\MAISON\APPLIC~1\WinRAR [26/04/2008|21:32] C:\DOCUME~1\MAISON\APPLIC~1\wxMozze [15/04/2008|18:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [06/09/2008 22:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job [06/09/2008 21:34][--ah-----] C:\WINDOWS\tasks\SA.DAT [07/09/2002 02:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [12/08/2008|01:45] C:\Program Files\7-Zip [13/08/2008|20:23] C:\Program Files\Adobe [11/04/2008|23:13] C:\Program Files\Alwil Software [14/04/2008|19:57] C:\Program Files\ATI Technologies [17/08/2008|14:05] C:\Program Files\Avira [01/09/2008|08:14] C:\Program Files\AviSynth 2.5 [06/09/2008|22:06] C:\Program Files\AVS4YOU [01/09/2008|08:13] C:\Program Files\BatchDPG [10/08/2008|15:34] C:\Program Files\CCleaner [15/08/2008|01:51] C:\Program Files\COMODO [11/04/2008|22:00] C:\Program Files\ComPlus Applications [14/04/2008|18:25] C:\Program Files\CONEXANT [04/09/2008|22:16] C:\Program Files\eMule [26/04/2008|21:31] C:\Program Files\Evermore [01/09/2008|22:43] C:\Program Files\Fichiers communs [26/05/2008|00:37] C:\Program Files\InstallShield Installation Information [14/08/2008|03:03] C:\Program Files\Internet Explorer [16/08/2008|14:16] C:\Program Files\IZArc 
[13/08/2008|20:33] C:\Program Files\Java [13/04/2008|23:32] C:\Program Files\K-Lite Codec Pack [06/09/2008|22:20] C:\Program Files\Malwarebytes' Anti-Malware [13/04/2008|23:16] C:\Program Files\MediaInfo [03/09/2008|19:24] C:\Program Files\Messenger [11/04/2008|22:05] C:\Program Files\microsoft frontpage [12/04/2008|10:24] C:\Program Files\Microsoft Office [12/04/2008|10:24] C:\Program Files\Microsoft Visual Studio [12/04/2008|10:24] C:\Program Files\Microsoft Works [03/09/2008|19:23] C:\Program Files\Movie Maker [12/04/2008|10:24] C:\Program Files\MSBuild [11/04/2008|22:00] C:\Program Files\MSN [11/04/2008|21:59] C:\Program Files\MSN Gaming Zone [03/09/2008|19:15] C:\Program Files\NetMeeting [06/09/2008|22:07] C:\Program Files\Neuf [13/08/2008|20:39] C:\Program Files\NOS [26/05/2008|00:37] C:\Program Files\Orange [03/09/2008|20:03] C:\Program Files\Outlook Express [11/04/2008|22:00] C:\Program Files\Services en ligne [18/04/2008|17:39] C:\Program Files\Skyline [15/08/2008|14:00] C:\Program Files\Spybot - Search & Destroy [05/09/2008|19:53] C:\Program Files\TuneUp Utilities 2008 [11/04/2008|22:16] C:\Program Files\Uninstall Information [12/08/2008|22:35] C:\Program Files\vvfrauf [12/04/2008|11:24] C:\Program Files\Windows Desktop Search [22/04/2008|22:03] C:\Program Files\Windows Live [04/07/2008|11:59] C:\Program Files\Windows Live Safety Center [20/04/2008|12:58] C:\Program Files\Windows Media Connect 2 [03/09/2008|19:15] C:\Program Files\Windows Media Player [03/09/2008|19:15] C:\Program Files\Windows NT [11/04/2008|22:00] C:\Program Files\WindowsUpdate [04/09/2008|23:10] C:\Program Files\xdaeptd [11/04/2008|22:05] C:\Program Files\xerox --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [13/08/2008|20:24] C:\Program Files\Fichiers communs\Adobe [01/09/2008|22:44] C:\Program Files\Fichiers communs\AVSMedia [12/04/2008|10:24] C:\Program Files\Fichiers communs\DESIGNER [26/05/2008|00:33] C:\Program Files\Fichiers 
communs\InstallShield [13/08/2008|20:31] C:\Program Files\Fichiers communs\Java [01/09/2008|22:43] C:\Program Files\Fichiers communs\Microsoft Shared [11/04/2008|22:01] C:\Program Files\Fichiers communs\MSSoap [11/04/2008|20:53] C:\Program Files\Fichiers communs\ODBC [11/04/2008|22:01] C:\Program Files\Fichiers communs\Services [11/04/2008|20:53] C:\Program Files\Fichiers communs\SpeechEngines [03/09/2008|20:03] C:\Program Files\Fichiers communs\System [15/04/2008|10:44] C:\Program Files\Fichiers communs\WindowsLiveInstaller [26/04/2008|23:19] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 35 Processes ) iexplore.exe ~ [PID:3964] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\MAISON\LOCALS~1\Temp\nspA.tmp --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-06 22:39:30 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 2 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:17][D:4]-> C:\DOCUME~1\MAISON\LOCALS~1\Temp [F:31][D:0]-> C:\DOCUME~1\MAISON\Cookies [F:798][D:8]-> C:\DOCUME~1\MAISON\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 06/09/2008|22:40 - Option : [1] --------------------\\ Fin du rapport a 22:40:32 -
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
RESULT:

Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1103
Windows 5.1.2600 Service Pack 3

06/09/2008 22:29:05
mbam-log-2008-09-06 (22-29-05).txt

Type de recherche: Examen rapide
Eléments examinés: 40462
Temps écoulé: 6 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
(RESOLVED) TROJAN-SPY.WIN32.GREENSCREEN
GREGO replied to a topic by GREGO in Analyses et éradication malwares
Good evening FALKRA, here is the result:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:11:06, on 06/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Documents and Settings\All Users\Application Data\xspulitk\xkdyzivi.exe C:\WINDOWS\system32\carpserv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\upkjojup.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\MAISON\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\upkjojup.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\MAISON\Mes documents\Télécharger\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [CARPService] carpserv.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ApiWinApl] C:\WINDOWS\system32\upkjojup.exe O4 - HKLM\..\Policies\Explorer\Run: [xzWdY96kaI] C:\Documents and Settings\All Users\Application Data\xspulitk\xkdyzivi.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\MAISON\Application Data\Microsoft\Live 
Search\Notification-LiveSearch.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207945939380 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1207947569712 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash 
Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O21 - SSODL: srvwebmnt - {17FC2BCE-C668-D5C8-B25D-0530A7B91708} - C:\Program Files\xdaeptd\srvwebmnt.dll O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 6862 bytes -
Good evening, Here is the message from a virus that I cannot manage to get rid of: TROJAN-SPY.WIN32.GREENSCREEN Does anyone have the solution? Thanks
-
(SOLVED) ANTIVIRUS XP 2008 TO BE REMOVED
GREGO replied to a topic by GREGO in Malware analysis and eradication
For information, after installing the firewall you recommended to me, it was impossible to restart. I had to uninstall it in safe mode in order to restart normally. I am going to try to reinstall it again. -
(SOLVED) ANTIVIRUS XP 2008 TO BE REMOVED
GREGO replied to a topic by GREGO in Malware analysis and eradication
Additional question: Which antivirus do you recommend? -
(SOLVED) ANTIVIRUS XP 2008 TO BE REMOVED
GREGO replied to a topic by GREGO in Malware analysis and eradication
Everything is fine and I thank you for the work done.