

ssiadmeze
Members
Content count: 11
Joined: -
Last visited: -
Junior Member (3/12)
Community reputation: 0
Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Hello, attached is the report as you asked, thanks in advance...

SmitFraudFix v2.371

Report made at 16:46:40,54, 31/10/2008
Run from C:\Documents and Settings\APOZEME\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DorcelCalendar\nclaunch.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\APOZEME\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Hosts file corrupted!

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
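The hosts-file verdict in the SmitFraudFix report above (two names pinned to 127.0.0.1) comes down to one check: which names a hosts file maps to a loopback or unspecified address, and whether any well-known security or update site is pointed somewhere else. The script below is an added example, not part of the post or of SmitFraudFix; it implements that audit in Python. The sample hosts text is constructed for the example (it reuses the two entries from the report plus one hand-made redirection), and WATCHED_SUFFIXES is an illustrative assumption, not an authoritative vendor list.

```python
"""Audit a Windows hosts file for sinkholed or redirected names.

Added example, not part of the forum post or of SmitFraudFix. The sample
hosts content is constructed; WATCHED_SUFFIXES is an illustrative list.
"""
import ipaddress

# Names a stock Windows hosts file legitimately maps to a loopback address.
LOOPBACK_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

# Illustrative watch-list (assumption): security-tool and update sites that
# rogue software likes to block or redirect.
WATCHED_SUFFIXES = (
    "safer-networking.org", "malwarebytes.org", "avast.com",
    "windowsupdate.com", "microsoft.com", "gmer.net",
)

# Constructed sample: a stock header, the default localhost line, the two
# entries from the SmitFraudFix report, and one hand-made redirection.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info
10.0.0.5 www.microsoft.com   # constructed: update site pointed at a LAN host
"""


def is_watched(name):
    """True if name is, or is a subdomain of, a watched site."""
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)


def parse_hosts(text):
    """Return [(lineno, ip, [names])] for every non-comment, non-empty line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        fields = line.split()
        if len(fields) >= 2:
            entries.append((lineno, fields[0], [f.lower() for f in fields[1:]]))
    return entries


def audit_hosts(text):
    """Return [(lineno, ip, name, reason)] for entries worth a second look."""
    findings = []
    for lineno, ip, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((lineno, ip, " ".join(names), "unparseable address"))
            continue
        # 127.x, ::1 and 0.0.0.0 all make the name unreachable.
        sinkhole = addr.is_loopback or addr.is_unspecified
        for name in names:
            if sinkhole and name not in LOOPBACK_NAMES:
                # Silently blocks the site: the classic way rogue installers
                # cut a victim off from AV vendors and update servers.
                findings.append((lineno, ip, name, "sinkholed"))
            elif not sinkhole and is_watched(name):
                # A watched site resolving to some other host is a redirection.
                findings.append((lineno, ip, name, "redirected"))
    return findings


def audit_file(path):
    """Audit a hosts file on disk, e.g. C:\\Windows\\System32\\drivers\\etc\\hosts."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return audit_hosts(fh.read())


if __name__ == "__main__":
    for lineno, ip, name, reason in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %-10s %-28s %s" % (lineno, reason, name, ip))
```

On the constructed sample this reports the two report entries as sinkholed and the hand-made www.microsoft.com line as redirected; the default localhost line is left alone. On a real machine, run audit_file() against the system hosts path before deciding whether a "corrupted hosts" verdict is malware or a deliberate ad-blocking list.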

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Hello, ok, here is the ComboFix report, thank you for the interest you're taking in my problem...

ComboFix 08-10-29.06 - APOZEME 2008-10-29 14:28:20.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1036.18.596 [GMT 1:00]
Running from: C:\Documents and Settings\APOZEME\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\APOZEME\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-29 ))))))))))))))))))))))))))))))))))))
.
2008-10-28 14:13 . 2008-10-28 14:13 <DIR> d-------- C:\Program Files\Sun
2008-10-28 14:13 . 2008-10-28 14:13 410,976 --a------ C:\WINDOWS\system32\deploytk.dll
2008-10-24 08:56 . 2008-10-15 17:35 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-23 15:00 . 2008-10-23 15:00 <DIR> d-------- C:\Program Files\LimeWire
2008-10-23 15:00 . 2008-10-28 15:15 <DIR> d-------- C:\Documents and Settings\APOZEME\Application Data\LimeWire
2008-10-15 07:56 . 2008-09-08 11:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 07:55 . 2008-09-15 16:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 07:54 . 2008-08-14 14:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 07:54 . 2008-08-14 14:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 07:54 . 2008-08-14 14:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 07:54 . 2008-08-14 14:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-13 15:42 . 2008-10-13 15:46 <DIR> d-------- C:\combo
2008-10-04 02:09 . 2008-04-11 20:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-10-04 02:09 . 2008-06-14 18:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-10-04 02:09 . 2008-05-08 15:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-10-03 22:43 . 2008-10-03 22:43 <DIR> d-------- C:\WINDOWS\system32\fr
2008-10-03 22:43 . 2008-10-03 22:43 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-03 22:43 . 2008-10-03 22:43 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-03 22:40 . 2008-10-03 22:44 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-10-03 12:44 . 2008-10-24 12:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-03 12:44 . 2008-10-03 12:44 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-03 08:39 . 2008-10-03 10:14 <DIR> d-------- C:\Documents and Settings\SOF\Application Data\EoRezo
2008-10-02 17:47 . 2008-10-02 17:47 2,117,632 --a------ C:\WINDOWS\system32\python25.dll
2008-10-02 17:47 . 2008-09-16 17:26 1,332,197 --a------ C:\WINDOWS\system32\pythondll.zip
2008-10-02 17:47 . 2008-10-02 17:47 339,968 --a------ C:\WINDOWS\system32\pythoncom25.dll
2008-10-02 17:47 . 2008-10-02 17:47 114,688 --a------ C:\WINDOWS\system32\pywintypes25.dll
2008-10-02 17:46 . 2008-10-02 17:47 <DIR> d-------- C:\Program Files\AGI
2008-10-02 17:36 . 2008-10-02 17:36 <DIR> d-------- C:\Documents and Settings\APOZEME\Application Data\GlarySoft
2008-10-02 16:53 . 2008-10-04 23:44 <DIR> d-------- C:\Documents and Settings\agents ANAD\Application Data\EoRezo
2008-10-02 16:22 . 2008-10-04 23:44 <DIR> d-------- C:\Program Files\EoRezo
2008-10-02 16:22 . 2008-10-04 00:54 <DIR> d-------- C:\Documents and Settings\APOZEME\Application Data\EoRezo
2008-09-30 09:14 . 2008-09-30 09:14 <DIR> d-------- C:\Documents and Settings\APOZEME\Application Data\Apple Computer
2008-09-30 07:12 . 2008-09-30 07:12 <DIR> d-------- C:\Program Files\Fichiers communs\muvee Technologies
2008-09-30 07:11 . 2007-05-28 19:13 1,079,808 -ra------ C:\WINDOWS\system32\mfc80u.dll
2008-09-30 07:11 . 2007-05-28 19:14 626,688 -ra------ C:\WINDOWS\system32\msvcr80.dll
2008-09-30 07:11 . 2007-05-28 19:13 548,864 -ra------ C:\WINDOWS\system32\msvcp80.dll
2008-09-30 07:11 . 2007-05-28 19:13 95,744 -ra------ C:\WINDOWS\system32\atl80.dll
2008-09-30 07:09 . 2008-09-30 07:10 <DIR> d-------- C:\Program Files\QuickTime
2008-09-30 07:09 . 2008-09-30 07:09 <DIR> d-------- C:\Program Files\OLYMPUS
2008-09-30 07:09 . 2008-09-30 07:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-28 14:54 --------- d-----w C:\Program Files\eMule
2008-10-28 13:12 --------- d-----w C:\Program Files\Java
2008-10-04 22:46 --------- d-----w C:\Program Files\Unlocker
2008-10-02 16:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-02 16:35 --------- d-----w C:\Program Files\CyberLink
2008-10-02 16:31 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-10-02 16:21 --------- d-----w C:\Program Files\AV9
2008-10-01 12:51 --------- d-----w C:\Program Files\Loto des Associations
2008-09-30 11:22 --------- d-----w C:\Program Files\LG PC Suite 2
2008-09-24 16:04 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-09-23 06:40 5,632 ----a-w C:\WINDOWS\system32\drivers\StarOpen.sys
2008-09-17 21:26 --------- d-----w C:\Program Files\orange
2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-11 09:18 --------- d-----w C:\Program Files\Fichiers communs\EPSON
2008-09-10 07:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-26 08:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-14 13:23 2,147,328 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:23 2,025,984 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2007-03-06 17:04 64,744 ----a-w C:\Documents and Settings\APOZEME\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"nclaunch"="C:\Program Files\DorcelCalendar\nclaunch.exe" [2005-10-12 65536]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-31 68856]
"OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-05-28 95800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 282624]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 C:\WINDOWS\system32\HdAShCut.exe]
"nwiz"="nwiz.exe" [2006-10-22 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12050:TCP"= 12050:TCP:emule
"10091:UDP"= 10091:UDP:emule
"18054:TCP"= 18054:TCP:NortonAV
"13510:TCP"= 13510:TCP:NortonAV
"12716:TCP"= 12716:TCP:NortonAV
"16017:TCP"= 16017:TCP:NortonAV
"15063:TCP"= 15063:TCP:NortonAV
"13039:TCP"= 13039:TCP:NortonAV
"17615:TCP"= 17615:TCP:NortonAV
"18866:TCP"= 18866:TCP:NortonAV

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-28 152984]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 lgusbsmodem;LGE Mobile USB Modem;C:\WINDOWS\system32\DRIVERS\lgusbsmodem.sys [ ]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-11 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{706e9056-2d53-11dd-b723-0018f399f2d8}]
\Shell\AutoRun\command - tfk8.exe
\Shell\explore\Command - tfk8.exe
\Shell\open\Command - tfk8.exe

*Newly Created Service* - JAVAQUICKSTARTERSERVICE
.
Contents of the 'Scheduled Tasks' folder
2008-10-27 C:\WINDOWS\Tasks\GlaryInitialize.job
- C:\Program Files\Glary Utilities\initialize.exe [2008-04-09 12:22]
2008-10-29 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:23]
2008-10-29 C:\WINDOWS\Tasks\User_Feed_Synchronization-{7EA1E487-DEE5-4D28-AEC4-26C8DFCDBFA7}.job
- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 12:58]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\APOZEME\Application Data\Mozilla\Firefox\Profiles\j5nww2nn.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.lo.st
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-29 14:29:32
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-10-29 14:30:47
ComboFix-quarantined-files.txt 2008-10-29 13:30:36
ComboFix2.txt 2008-10-13 14:46:33
Pre-Run: 61,234,163,712 bytes free
Post-Run: 61,290,381,312 bytes free
167 --- E O F --- 2008-10-25 01:01:01
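The MountPoints2 blocks in the ComboFix report above are the cached autorun.inf handlers Windows has seen for each removable volume: the first volume only defines an AutoRun command with a full path, while the second binds AutoRun, open and explore to a bare "tfk8.exe". The script below is an added example, not part of the post or of ComboFix; it parses those blocks out of report text and flags the shape of entry a malware helper investigates first (a relative executable that travels with the media, and Explorer verbs overridden so a double-click on the drive runs the handler). These are triage heuristics and say nothing about what the file is. The sample text is constructed from the two blocks in the report.

```python
"""Triage the MountPoints2 autorun handlers listed in a ComboFix report.

Added example, not part of the forum post or of ComboFix. SAMPLE_REPORT is
constructed from the report above; the flags are heuristics, not verdicts.
"""
import re

KEY_RE = re.compile(
    r"^\[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion"
    r"\\explorer\\mountpoints2\\(?P<volume>[^\]]+)\]$", re.I)
VERB_RE = re.compile(r"^\\Shell\\(?P<verb>\w+)\\command\s+-\s+(?P<cmd>.+)$", re.I)
ABS_PATH_RE = re.compile(r"^[A-Za-z]:\\")

# Constructed sample (the two MountPoints2 blocks from the report above).
SAMPLE_REPORT = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{706e9056-2d53-11dd-b723-0018f399f2d8}]
\Shell\AutoRun\command - tfk8.exe
\Shell\explore\Command - tfk8.exe
\Shell\open\Command - tfk8.exe

*Newly Created Service* - JAVAQUICKSTARTERSERVICE
"""


def parse_mountpoints2(report):
    """Return {volume: {verb: command}} for every MountPoints2 block in the text."""
    volumes, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = volumes.setdefault(key.group("volume"), {})
            continue
        if line.startswith("["):          # a different registry key: block is over
            current = None
            continue
        verb = VERB_RE.match(line)
        if verb and current is not None:
            current[verb.group("verb").lower()] = verb.group("cmd").strip()
    return volumes


def executable_of(cmd):
    """First token of a command line, with surrounding quotes removed."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split()[0]


def triage(volumes):
    """Return {volume: [reasons]} for volumes whose handlers look like autorun.inf abuse."""
    findings = {}
    for volume, verbs in volumes.items():
        reasons = []
        exes = {executable_of(c) for c in verbs.values()}
        relative = sorted(e for e in exes if not ABS_PATH_RE.match(e))
        if relative:
            # A bare name is resolved on the removable volume itself, so the
            # binary travels with the media rather than living on this host.
            reasons.append("relative executable: " + ", ".join(relative))
        hijacked = sorted({"open", "explore"} & set(verbs))
        if hijacked:
            # Overriding these verbs makes a double-click on the drive run the
            # handler instead of opening the folder.
            reasons.append("Explorer verbs overridden: " + ", ".join(hijacked))
        if len(verbs) > 1 and len(exes) == 1:
            reasons.append("every verb runs the same binary")
        if reasons:
            findings[volume] = reasons
    return findings


if __name__ == "__main__":
    for volume, reasons in triage(parse_mountpoints2(SAMPLE_REPORT)).items():
        print(volume)
        for reason in reasons:
            print("  -", reason)
```

On the sample, volume E (a full path, AutoRun only) produces no finding, and the GUID volume is reported with all three reasons. To use it on a real report, pass the whole ComboFix log text to parse_mountpoints2(); the key regex ignores everything outside the MountPoints2 blocks.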

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Yes, sorry, I renamed the file and everything is ok... here is the report, thank you very much for your help

ComboFix 08-10-12.01 - APOZEME 2008-10-13 16:43:40.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1036.18.672 [GMT 2:00]
Running from: C:\Documents and Settings\APOZEME\Bureau\combo.exe
* Created a new restore point
WARNING - THE RECOVERY CONSOLE IS NOT INSTALLED ON THIS MACHINE!!
.
(((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\agents ANAD\ravmonlog
C:\Documents and Settings\APOZEME\err.log
C:\Documents and Settings\APOZEME\ravmonlog
C:\Documents and Settings\SOF\err.log
C:\Documents and Settings\SOF\ravmonlog
C:\WINDOWS\system32\ieupdates.exe.tmp
.
((((((((((((((((((((((((((((( Files Created from 2008-09-13 to 2008-10-13 ))))))))))))))))))))))))))))))))))))
.
2008-10-04 03:09 . 2008-04-11 21:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-10-04 03:09 . 2008-06-14 19:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-10-04 03:09 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-10-03 23:43 . 2008-10-03 23:43 <DIR> d-------- C:\WINDOWS\system32\fr
2008-10-03 23:43 . 2008-10-03 23:43 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-03 23:43 . 2008-10-03 23:43 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-03 23:40 . 2008-10-03 23:44 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-10-03 13:44 . 2008-10-13 11:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-03 13:44 . 2008-10-03 13:44 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-03 09:39 . 2008-10-03 11:14 <DIR> d-------- C:\Documents and Settings\SOF\Application Data\EoRezo
2008-10-02 18:47 . 2008-10-02 18:47 2,117,632 --a------ C:\WINDOWS\system32\python25.dll
2008-10-02 18:47 . 2008-09-16 18:26 1,332,197 --a------ C:\WINDOWS\system32\pythondll.zip
2008-10-02 18:47 . 2008-10-02 18:47 339,968 --a------ C:\WINDOWS\system32\pythoncom25.dll
2008-10-02 18:47 . 2008-10-02 18:47 114,688 --a------ C:\WINDOWS\system32\pywintypes25.dll
2008-10-02 18:46 . 2008-10-02 18:47 <DIR> d-------- C:\Program Files\AGI
2008-10-02 18:36 . 2008-10-02 18:36 <DIR> d-------- C:\Documents and Settings\APOZEME\Application Data\GlarySoft
2008-10-02 17:53 . 2008-10-05 00:44 <DIR> d-------- C:\Documents and Settings\agents ANAD\Application Data\EoRezo
2008-10-02 17:22 . 2008-10-05 00:44 <DIR> d-------- C:\Program Files\EoRezo
2008-10-02 17:22 . 2008-10-04 01:54 <DIR> d-------- C:\Documents and Settings\APOZEME\Application Data\EoRezo
2008-09-30 10:14 . 2008-09-30 10:14 <DIR> d-------- C:\Documents and Settings\APOZEME\Application Data\Apple Computer
2008-09-30 08:12 . 2008-09-30 08:12 <DIR> d-------- C:\Program Files\Fichiers communs\muvee Technologies
2008-09-30 08:11 . 2007-05-28 20:13 1,079,808 -ra------ C:\WINDOWS\system32\mfc80u.dll
2008-09-30 08:11 . 2007-05-28 20:14 626,688 -ra------ C:\WINDOWS\system32\msvcr80.dll
2008-09-30 08:11 . 2007-05-28 20:13 548,864 -ra------ C:\WINDOWS\system32\msvcp80.dll
2008-09-30 08:11 . 2007-05-28 20:13 95,744 -ra------ C:\WINDOWS\system32\atl80.dll
2008-09-30 08:09 . 2008-09-30 08:10 <DIR> d-------- C:\Program Files\QuickTime
2008-09-30 08:09 . 2008-09-30 08:09 <DIR> d-------- C:\Program Files\OLYMPUS
2008-09-30 08:09 . 2008-09-30 08:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-28 00:18 . 2008-10-01 14:51 <DIR> d-------- C:\Program Files\Loto des Associations
.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-04 22:46 --------- d-----w C:\Program Files\Unlocker
2008-10-02 16:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-02 16:35 --------- d-----w C:\Program Files\CyberLink
2008-10-02 16:31 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-10-02 16:21 --------- d-----w C:\Program Files\AV9
2008-09-30 11:22 --------- d-----w C:\Program Files\LG PC Suite 2
2008-09-28 22:27 --------- d-----w C:\Program Files\eMule
2008-09-24 16:04 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-09-23 06:40 5,632 ----a-w C:\WINDOWS\system32\drivers\StarOpen.sys
2008-09-17 21:26 --------- d-----w C:\Program Files\orange
2008-09-11 09:18 --------- d-----w C:\Program Files\Fichiers communs\EPSON
2008-09-10 07:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-09-08 12:59 --------- d-----w C:\Program Files\Java
2008-08-27 03:59 --------- d-----w C:\Program Files\Photosynth
2008-08-14 13:17 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-14 09:49 --------- d-----w C:\Documents and Settings\APOZEME\Application Data\Playrix Entertainment
2008-08-14 09:46 --------- d-----w C:\Program Files\Fichiers communs\Oberon Media
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-03-06 17:04 64,744 ----a-w C:\Documents and Settings\APOZEME\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"nclaunch"="C:\Program Files\DorcelCalendar\nclaunch.exe" [2005-10-12 65536]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-31 68856]
"OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-05-28 95800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 282624]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 C:\WINDOWS\system32\HdAShCut.exe]
"nwiz"="nwiz.exe" [2006-10-22 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12050:TCP"= 12050:TCP:emule
"10091:UDP"= 10091:UDP:emule
"18054:TCP"= 18054:TCP:NortonAV
"13510:TCP"= 13510:TCP:NortonAV
"12716:TCP"= 12716:TCP:NortonAV
"16017:TCP"= 16017:TCP:NortonAV
"15063:TCP"= 15063:TCP:NortonAV
"13039:TCP"= 13039:TCP:NortonAV
"17615:TCP"= 17615:TCP:NortonAV
"18866:TCP"= 18866:TCP:NortonAV

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 lgusbsmodem;LGE Mobile USB Modem;C:\WINDOWS\system32\DRIVERS\lgusbsmodem.sys [ ]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-11 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{706e9056-2d53-11dd-b723-0018f399f2d8}]
\Shell\AutoRun\command - tfk8.exe
\Shell\explore\Command - tfk8.exe
\Shell\open\Command - tfk8.exe
.
Contents of the 'Scheduled Tasks' folder
2008-10-13 C:\WINDOWS\Tasks\GlaryInitialize.job
- C:\Program Files\Glary Utilities\initialize.exe [2008-04-09 13:22]
2008-10-13 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
2008-10-12 C:\WINDOWS\Tasks\User_Feed_Synchronization-{7EA1E487-DEE5-4D28-AEC4-26C8DFCDBFA7}.job
- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 13:58]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\APOZEME\Application Data\Mozilla\Firefox\Profiles\j5nww2nn.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.lo.st
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 16:45:22
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-10-13 16:46:32
ComboFix-quarantined-files.txt 2008-10-13 14:46:29
Pre-Run: 61 279 567 872 bytes free
Post-Run: 61,363,806,208 bytes free
169 --- E O F --- 2008-10-05 01:02:09

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

I don't know how to rename it... can you explain the exact procedure to me? Thanks in advance... janjac

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Every time I run it, I get the message telling me to rename it... can you give me the exact procedure, I can't manage it...

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Impossible to load ComboFix, it tells me "You cannot rename combofix to, please choose another name, preferably made up of alphanumeric characters"...

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Pfff... impossible to download ComboFix from that link, it won't accept it...

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Malwarebytes' Anti-Malware 1.20
Database version: 944
Windows 5.1.2600 Service Pack 2

16:22:53 02/10/2008
mbam-log-10-2-2008 (16-22-53).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 97534
Time elapsed: 19 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Viral infection... SOS
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication

Hello, sorry for taking so long, but we had some small problems. Thanks for the interest you're taking in my problem.. attached you'll find the HJT report.... Malwarebytes to follow. Regards, ssiadmeze

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:09, on 02/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'APOZEME')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'APOZEME')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [09765169054650039276508379278604] C:\Program Files\AV9\av2009.exe (User 'APOZEME')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart (User 'APOZEME')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SOF')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - ?p=ZCxdm451YYFR
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jd...ows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F374FEED-06A6-402A-BC8A-77C2F246BBC4}: NameServer = 192.168.1.1
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9628 bytes
viral infection...sos
ssiadmeze replied to a topic by ssiadmeze in Malware analysis and eradication
-
Hello, could I get some help eradicating several viruses... a priori, there is a trojan among them... attached, the HJT report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:50:00, on 08/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'APOZEME')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'APOZEME')
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [09765169054650039276508379278604] C:\Program Files\AV9\av2009.exe (User 'APOZEME')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

Thanks in advance, pat...
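The HijackThis logs in this thread are read by eye, and the two lines a helper usually looks at first are the O4 autostart entries and the O17 NameServer entry. Below is a small Python reader for those two line types, added here as an editor's example; it is not part of the forum posts, nor HijackThis's own code, and its two heuristics are the editor's own triage rules rather than anything the thread states: a Run value whose name is a long string of digits gets flagged for review, and a NameServer outside private (RFC 1918) address space gets flagged because on a home LAN the resolver is normally the router. The sample log is constructed: the O4 lines and the first O17 line are copied from the log above, the second O17 line (zero GUID, Google's public resolvers) is invented only to show a non-private resolver being reported.

```python
"""Triage O4 (Run) and O17 (NameServer) lines from a HijackThis log.

Added example, not HijackThis code. The heuristics are the editor's own and
only prioritise review; a hit is not a verdict.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# O4 Run entries: hive is HKLM, HKCU or HKUS\<SID or .DEFAULT>; user is optional.
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU|HKUS\\[^\\]+)\\\.\.\\Run: "
    r"\[(?P<name>[^\]]*)\] (?P<command>.*?)(?: \(User '(?P<user>[^']*)'\))?$"
)
# O17: NameServer may be a comma-separated list of IPv4 addresses.
O17_RE = re.compile(r"^O17 - .*: NameServer = (?P<servers>[0-9.,]+)$")
# First token ending in .exe, quotes allowed (HJT prints unquoted paths with spaces).
EXE_RE = re.compile(r'^"?(?P<exe>.*?\.exe)\b', re.IGNORECASE)


@dataclass
class RunEntry:
    hive: str
    name: str
    command: str
    user: Optional[str]
    raw: str

    @property
    def exe(self) -> str:
        """Executable the value launches; first whitespace token as a fallback."""
        m = EXE_RE.match(self.command)
        return m.group("exe") if m else self.command.split()[0].strip('"')


def parse_run_entries(log: str) -> List[RunEntry]:
    """All registry Run entries (Global Startup .lnk lines are not O4 Run lines)."""
    entries = []
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entries.append(RunEntry(m["hive"], m["name"], m["command"], m["user"], line.strip()))
    return entries


def parse_nameservers(log: str) -> List[Tuple[str, str]]:
    """(server, raw line) for every address in every O17 NameServer entry."""
    out = []
    for line in log.splitlines():
        m = O17_RE.match(line.strip())
        if m:
            out.extend((s, line.strip()) for s in m["servers"].split(","))
    return out


def review(log: str, min_digits: int = 12) -> List[Tuple[str, str]]:
    """(reason, raw line) for every entry that deserves a human look."""
    findings = []
    for e in parse_run_entries(log):
        # Editor's heuristic 1: installed software names its Run value; a long
        # run of digits is characteristic of a generated persistence name.
        if e.name.isdigit() and len(e.name) >= min_digits:
            findings.append((f"numeric Run value name launching {e.exe}", e.raw))
    for server, raw in parse_nameservers(log):
        # Editor's heuristic 2: a resolver outside RFC 1918 space on a home PC
        # should be one the owner knowingly configured.
        try:
            if not ipaddress.ip_address(server).is_private:
                findings.append((f"non-private NameServer {server}", raw))
        except ValueError:
            findings.append((f"unparsable NameServer {server!r}", raw))
    return findings


# Constructed sample: O4 lines and the first O17 line are copied from the log in
# this thread; the second O17 line is invented (zero GUID, public resolvers).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1409082233-1303643608-682003330-1003\..\Run: [09765169054650039276508379278604] C:\Program Files\AV9\av2009.exe (User 'APOZEME')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{F374FEED-06A6-402A-BC8A-77C2F246BBC4}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 8.8.8.8,8.8.4.4
"""

if __name__ == "__main__":
    for reason, raw in review(SAMPLE_LOG):
        print(f"[{reason}]\n    {raw}")
```

Run against the sample, the reader reports the digit-named Run value (launching av2009.exe) and the two public resolvers, and stays silent on the avast!, ctfmon and router lines. Note that HijackThis lists the logged-on user's hive twice (once as HKCU, once as HKUS\<SID>), so a hit under HKUS\S-1-5-21-... for the current user is the same value seen from the other side, not a second infection.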