Zorgimus

Merci 1000 fois, le pc va nettement mieux... Je vais quand même le soumettre à l'optimisation et surtout suivre vos conseil concernant le surf.

Salut, Suite: -->- Recherche: C:\TB.txt: trouvé ! C:\SDFIX: trouvé ! C:\Toolbar SD: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé ! C:\Documents and Settings\SAM\Bureau\SdFix.exe: trouvé ! C:\Documents and Settings\SAM\Bureau\HijackThis.lnk: trouvé ! C:\Documents and Settings\SAM\Bureau\Msnfix.zip: trouvé ! C:\Documents and Settings\SAM\Bureau\HJTInstall.exe: trouvé ! C:\Documents and Settings\SAM\Bureau\ToolBarSD.exe: trouvé ! C:\Documents and Settings\SAM\Bureau\film olive\MsnFix: trouvé ! C:\Documents and Settings\SAM\DoctorWeb\Quarantine\SdFix.exe: trouvé ! C:\Documents and Settings\SAM\Recent\MSNFix.lnk: trouvé ! C:\Documents and Settings\SAM\Recent\HijackThis.lnk: trouvé ! C:\Program Files\Trend Micro\HijackThis: trouvé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé ! C:\WINDOWS\msnfix.txt: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé ! C:\Documents and Settings\SAM\Bureau\SdFix.exe: supprimé ! C:\Documents and Settings\SAM\Bureau\HijackThis.lnk: supprimé ! C:\Documents and Settings\SAM\Bureau\Msnfix.zip: supprimé ! C:\Documents and Settings\SAM\Bureau\HJTInstall.exe: supprimé ! C:\Documents and Settings\SAM\Bureau\ToolBarSD.exe: supprimé ! C:\Documents and Settings\SAM\DoctorWeb\Quarantine\SdFix.exe: supprimé ! C:\Documents and Settings\SAM\Recent\MSNFix.lnk: supprimé ! C:\Documents and Settings\SAM\Recent\HijackThis.lnk: supprimé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé ! C:\TB.txt: supprimé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé ! C:\WINDOWS\msnfix.txt: supprimé ! C:\SDFIX: supprimé ! C:\Toolbar SD: supprimé ! C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé ! C:\Documents and Settings\SAM\Bureau\film olive\MsnFix: supprimé ! C:\Program Files\Trend Micro\HijackThis: supprimé ! Corbeille vidée! Fichiers temporaires nettoyés ! Point de restauration crée !

Merci je vais le faire, ainsi que ce que tu as préconisé dans d'autres messages. A+ Bonne nuit

Bonsoir , le résultat demandé: Fichier IncrediMail_Install.exe reçu le 2008.10.14 23:21:00 (CET) Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.10.15.0 2008.10.14 - AntiVir 7.8.1.34 2008.10.14 - Authentium 5.1.0.4 2008.10.14 - Avast 4.8.1248.0 2008.10.14 - AVG 8.0.0.161 2008.10.14 - BitDefender 7.2 2008.10.14 - CAT-QuickHeal 9.50 2008.10.14 Downloader.ImLoader.e (Not a Virus) ClamAV 0.93.1 2008.10.14 - DrWeb 4.44.0.09170 2008.10.14 - eSafe 7.0.17.0 2008.10.12 - eTrust-Vet 31.6.6147 2008.10.14 - Ewido 4.0 2008.10.14 Not-A-Virus.Downloader.Win32.ImLoader.e F-Prot 4.4.4.56 2008.10.14 - F-Secure 8.0.14332.0 2008.10.14 Downloader.Win32.ImLoader.e Fortinet 3.113.0.0 2008.10.14 - GData 19 2008.10.14 - Ikarus T3.1.1.34.0 2008.10.14 - K7AntiVirus 7.10.493 2008.10.14 not-a-virus:Downloader.Win32.ImLoader.e Kaspersky 7.0.0.125 2008.10.14 not-a-virus:Downloader.Win32.ImLoader.e McAfee 5405 2008.10.14 Generic Downloader.x Microsoft 1.4005 2008.10.14 - NOD32 3522 2008.10.14 probably a variant of Win32/TrojanDownloader.Agent Norman 5.80.02 2008.10.14 - Panda 9.0.0.4 2008.10.14 - PCTools 4.4.2.0 2008.10.14 - Prevx1 V2 2008.10.14 - Rising 20.66.12.00 2008.10.14 - SecureWeb-Gateway 6.7.6 2008.10.14 - Sophos 4.34.0 2008.10.14 - Sunbelt 3.1.1722.1 2008.10.14 - Symantec 10 2008.10.14 - TheHacker 6.3.1.0.110 2008.10.14 Aplicacion/ImLoader.e TrendMicro 8.700.0.1004 2008.10.14 - VBA32 3.12.8.6 2008.10.14 Downloader.Win32.ImLoader.e ViRobot 2008.10.14.1419 2008.10.14 - VirusBuster 4.5.11.0 2008.10.14 - Information additionnelle File size: 525664 bytes MD5...: d785355f276fc063e879c1035c224e40 SHA1..: b28f8b8f98e77f1fb190eb079f2dd880177d5b81 SHA256: dcb81dfeef80f7c767a53b1c054cde9cc2d57418689992dfb16f3dd47bfd3849 SHA512: 6dfeb637d23e92c21176a513769830e7394694a0df813b8c9d29cc892e580347<br>37aa690e3b312822d209d4c2336d34e6615b945369da8280c78a0dee3ee1b3e8 PEiD..: Armadillo v1.71 TrID..: File type identification<br>Win64 Executable Generic (59.6%)<br>Win32 Executable MS Visual C++ (generic) (26.2%)<br>Win32 Executable Generic (5.9%)<br>Win32 Dynamic Link Library (generic) (5.2%)<br>Generic Win/DOS Executable (1.3%) PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x43e046<br>timedatestamp.....: 0x472060cc (Thu Oct 25 09:24:28 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x48f74 0x49000 6.61 59f963c5518ae49286247bccb1f5d713<br>.rdata 0x4a000 0x87e0 0x9000 4.66 b585f02b500faf95ef6a874360da359c<br>.data 0x53000 0xb7c4 0x8000 5.01 00e0e39f48e961753747ac725ce3e40f<br>.rsrc 0x5f000 0x232bc 0x24000 6.23 4107ee30ccdb232e7533433f5dc95be6<br><br>( 12 imports ) <br>> urlmon.dll: URLDownloadToCacheFileA<br>> WININET.dll: InternetSetOptionA, InternetCloseHandle, InternetOpenUrlA, DeleteUrlCacheEntry, HttpQueryInfoA, InternetReadFile, HttpSendRequestA, HttpAddRequestHeadersA, HttpOpenRequestA, InternetConnectA, InternetAutodial, InternetGetConnectedState, InternetGetCookieA, InternetOpenA<br>> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA<br>> SHELL32.dll: ShellExecuteExA, SHGetSpecialFolderLocation, SHGetMalloc, SHGetPathFromIDListA<br>> COMCTL32.dll: ImageList_Draw, ImageList_Destroy, ImageList_Create, ImageList_Add, InitCommonControlsEx, ImageList_AddMasked<br>> KERNEL32.dll: CloseHandle, CreateFileA, CreateDirectoryA, SetFileAttributesA, SetFileTime, DosDateTimeToFileTime, WideCharToMultiByte, FindNextFileA, FindClose, FindFirstFileA, MultiByteToWideChar, lstrlenA, lstrlenW, GetShortPathNameA, GetModuleHandleA, GetModuleFileNameA, SetEvent, InterlockedDecrement, WaitForSingleObject, CreateThread, CreateEventA, QueueUserAPC, ReleaseMutex, Sleep, lstrcmpiA, GetCurrentThreadId, GetCommandLineA, GetLastError, CreateMutexA, InitializeCriticalSection, HeapDestroy, DeleteCriticalSection, FreeLibrary, GetProcAddress, LoadLibraryA, lstrcpyA, lstrcatA, InterlockedIncrement, LeaveCriticalSection, EnterCriticalSection, TlsSetValue, OutputDebugStringA, WriteFile, TlsGetValue, GetLocalTime, SetUnhandledExceptionFilter, GetCurrentProcess, GetSystemDefaultLangID, GetSystemDirectoryA, SetCurrentDirectoryA, SetThreadPriority, WaitForMultipleObjects, GetExitCodeThread, ReadFile, GetFileSize, GetExitCodeProcess, GlobalUnlock, GlobalLock, GlobalAlloc, GetTickCount, DeleteFileA, RemoveDirectoryA, GetVersionExA, GetLongPathNameA, GetTempPathA, GetEnvironmentVariableA, SleepEx, SetFilePointer, LocalFree, FormatMessageA, CopyFileA, GlobalFree, TerminateProcess, lstrcmpA, FlushInstructionCache, GetACP, GetPrivateProfileStringA, GetPrivateProfileIntA, GetPrivateProfileSectionNamesA, GetSystemTime, HeapFree, HeapAlloc, InterlockedExchange, LoadLibraryExA, LocalLock, TlsFree, TlsAlloc, GetStartupInfoA, GetVersion, ExitProcess, LCMapStringA, LCMapStringW, GetCPInfo, CompareStringA, CompareStringW, HeapSize, HeapCreate, VirtualFree, VirtualAlloc, RaiseException, IsBadWritePtr, SetStdHandle, SetEndOfFile, SetHandleCount, GetFileAttributesA, GetFileType, RtlUnwind, ExitThread, HeapReAlloc, GetStdHandle, SetLastError, FlushFileBuffers, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, IsValidLocale, IsValidCodePage, GetLocaleInfoA, EnumSystemLocalesA, GetUserDefaultLCID, GetStringTypeA, GetStringTypeW, GetOEMCP, IsBadReadPtr, IsBadCodePtr, SetEnvironmentVariableA, GetCurrentThread, GetLocaleInfoW<br>> USER32.dll: CopyRect, EnableWindow, CharLowerA, GetNextDlgTabItem, GetFocus, GetKeyState, CreateDialogParamA, wsprintfA, IsChild, FillRect, GetDesktopWindow, CreateAcceleratorTableA, ReleaseCapture, SetCapture, InvalidateRgn, GetWindowPlacement, InflateRect, BeginPaint, DrawIcon, EndPaint, ScreenToClient, MoveWindow, LoadImageA, LoadBitmapA, ExitWindowsEx, DialogBoxParamA, RedrawWindow, InvalidateRect, DestroyIcon, SetRectEmpty, GetParent, GetWindow, GetWindowRect, GetWindowTextLengthA, MapWindowPoints, DrawFocusRect, SetWindowTextA, GetDlgItem, GetWindowLongA, SetWindowLongA, GetClientRect, LoadIconA, ReleaseDC, SetWindowPos, GetSystemMetrics, EndDialog, GetActiveWindow, PeekMessageA, CreateWindowExA, TranslateMessage, DispatchMessageA, IsWindow, DestroyWindow, RegisterClassExA, FindWindowA, GetWindowThreadProcessId, EnumThreadWindows, PostMessageA, IsWindowVisible, GetClassNameA, IsIconic, ShowWindow, GetWindowTextA, RegisterWindowMessageA, GetClassInfoExA, GetSysColor, GetForegroundWindow, WaitForInputIdle, MsgWaitForMultipleObjectsEx, GetSystemMenu, RemoveMenu, LoadCursorA, SetCursor, UnregisterClassA, GetDC, CallWindowProcA, SetForegroundWindow, PostQuitMessage, DefWindowProcA, CharNextA, PostThreadMessageA, LoadStringA, SendMessageA, SetRect, SendDlgItemMessageA, SetDlgItemTextA, SystemParametersInfoA, SetFocus, GetMessageA<br>> GDI32.dll: SetBkColor, CreateCompatibleDC, SelectObject, StretchBlt, GetObjectA, DeleteObject, SetBkMode, GetStockObject, CreateSolidBrush, CreateCompatibleBitmap, SetTextColor, BitBlt, CreateFontIndirectA, DeleteDC, ExtTextOutA, GetDeviceCaps, GetTextExtentPoint32A<br>> ADVAPI32.dll: RegCloseKey, RegDeleteKeyA, RegEnumKeyExA, RegNotifyChangeKeyValue, RegSetValueExA, RegOpenKeyExA, RegDeleteValueA, RegQueryValueExA, RegCreateKeyExA<br>> ole32.dll: CoTaskMemAlloc, OleLockRunning, StringFromCLSID, CoCreateInstance, CoUninitialize, CoInitialize, CoRegisterClassObject, CoRevokeClassObject, CoDisconnectObject, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoTaskMemFree, ProgIDFromCLSID, CLSIDFromProgID, CLSIDFromString<br>> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -<br>> SHLWAPI.dll: PathFindFileNameA, UrlUnescapeA<br><br>( 0 exports ) <br>

kapersky a fait son oeuvre: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Tuesday, October 14, 2008 Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Monday, October 13, 2008 19:42:55 Records in database: 1309280 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan statistics: Files scanned: 81658 Threat name: 1 Infected objects: 1 Suspicious objects: 0 Duration of the scan: 02:14:13 File name / Threat name / Threats count C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe Infected: not-a-virus:Downloader.Win32.ImLoader.e 1 The selected area was scanned.

Voila pour hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:18:25, on 13/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\PowerArchiver\PASTARTER.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;localhost;club-internet.fr;*.club-internet.fr;grolier.fr;*.grolier.fr;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LanceurEasyBox] "C:\Program Files\Easybox\EasyBox.exe" -AutoStart O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pinnacle Scheduler.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: EasyBoxApache - Unknown owner - C:\Program Files\Easybox\Apache\Apache.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\SAM\LOCALS~1\Temp\hpdj.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2 --

Merci pour les infos , la patience bref ton aide si précieuse, j'ai utilisé sdfix mais au moment du redémmarage il ya eu interaction avec antivir sans conséquences voici le rapport: Run by SAM on 13/10/2008 at 21:35 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\SYSTEM32\FTPUPD.EXE - Deleted C:\WINDOWS\system32\TFTP1344 - Deleted C:\WINDOWS\system32\TDSSerrors.log - Deleted C:\WINDOWS\system32\tdssinit.dll - Deleted C:\WINDOWS\system32\tdssl.dll - Deleted C:\WINDOWS\system32\tdsslog.dll - Deleted C:\WINDOWS\system32\tdssmain.dll - Deleted C:\WINDOWS\system32\tdssserf.dll - Deleted C:\WINDOWS\system32\tdssserf1.dll - Deleted C:\WINDOWS\system32\tdssservers.dat - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-13 21:47:06 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40] "ujdew"=hex:20,02,00,00,be,3b,cb,72,aa,fa,2e,b4,5a,b7,87,f3,b0,54,2f,d4,1e,.. "ljej40"=hex:ac,c0,ed,b4,e5,eb,91,87,85,08,38,a0,8a,47,2c,c1,aa,72,dd,00,c5,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40] "khjeh"=hex:20,02,00,00,8d,3b,cb,72,30,28,5d,54,a5,68,2c,63,c6,ba,1d,d3,dd,.. "hj34z0"=hex:ce,10,67,c6,0a,35,3a,17,e0,f7,0a,a7,49,82,51,92,ff,42,2d,a9,85,.. "hj34z1"=hex:73,10,67,c6,72,35,3a,17,e1,f7,0b,a7,48,82,51,92,ff,42,2d,a9,0e,.. "hj34z2"=hex:73,10,67,c6,72,35,3a,17,e1,f7,0b,a7,48,82,51,92,ff,42,2d,a9,0e,.. "hj34z3"=hex:73,10,67,c6,72,35,3a,17,e1,f7,0b,a7,48,82,51,92,ff,42,2d,a9,0e,.. "hj34z4"=hex:73,10,67,c6,72,35,3a,17,e1,f7,0b,a7,48,82,51,92,ff,42,2d,a9,0e,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf41] "khjeh"=hex:20,02,00,00,8d,3b,cb,72,fb,67,1a,62,a5,68,2c,63,e9,ab,1d,d3,dd,.. "hj34z0"=hex:ad,11,67,c6,1a,34,3a,17,e0,f7,0a,a7,49,82,51,92,ff,42,2d,a9,d3,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf42] scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}] "DisplayName"="Alcohol 120%" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Documents and Settings\\SAM\\Local Settings\\Temporary Internet Files\\Content.IE5\\S5KDQ7C1\\incredimail_install[1].exe"="C:\\Documents and Settings\\SAM\\Local Settings\\Temporary Internet Files\\Content.IE5\\S5KDQ7C1\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer" "C:\\Documents and Settings\\SAM\\Local Settings\\Temporary Internet Files\\Content.IE5\\U7QZUXYN\\incredimail_install[1].exe"="C:\\Documents and Settings\\SAM\\Local Settings\\Temporary Internet Files\\Content.IE5\\U7QZUXYN\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer" "C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Sat 16 Oct 2004 56 ..SHR --- "C:\WINDOWS\system32\A813AE869A.sys" Fri 20 Aug 2004 65,024 A.SH. --- "C:\WINDOWS\system32\asycfilt.dll" Fri 25 Aug 2006 617,472 A.SH. --- "C:\WINDOWS\system32\comctl32.dll" Sat 2 Feb 2008 1,368 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys" Fri 20 Aug 2004 1,028,096 A.SH. --- "C:\WINDOWS\system32\mfc42.dll" Thu 24 Apr 2003 57,344 A.SH. --- "C:\WINDOWS\system32\mfc42loc.dll" Fri 20 Aug 2004 413,696 A.SH. --- "C:\WINDOWS\system32\msvcp60.dll" Fri 20 Aug 2004 343,040 A.SH. --- "C:\WINDOWS\system32\msvcrt.dll" Thu 24 Apr 2003 253,952 A.SH. --- "C:\WINDOWS\system32\msvcrt20.dll" Thu 17 May 2007 549,376 A.SH. --- "C:\WINDOWS\system32\oleaut32.dll" Fri 20 Aug 2004 83,456 A.SH. --- "C:\WINDOWS\system32\olepro32.dll" Fri 20 Aug 2004 30,749 A.SH. --- "C:\WINDOWS\system32\vbajet32.dll" Sat 19 Feb 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Sun 18 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Thu 15 May 2003 43,008 ...H. --- "C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe" Fri 13 May 2005 59,382,851 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\21c885a593b3aea69d4a95ec1bfc46d4\BIT26.tmp" Fri 13 May 2005 5,648,819 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2598047398f4663b0636f95637a61285\BIT27.tmp" Wed 23 Jul 2008 248,640 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2f92d48fd4dd6c3e29f57417ec6cf1d9\BIT31.tmp" Fri 25 Apr 2008 2,831,912 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\405ae8e48aa46e265982686e1678047b\BIT2F.tmp" Tue 29 Jul 2008 506,920 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4d8bae15f4220c10cdeb74bfa142239a\BIT33.tmp" Wed 3 Sep 2008 7,281,784 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7ab777f7de3e6e633438f06ba30269aa\BIT32.tmp" Wed 23 Jul 2008 248,315 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8cd85f12420c94f4e35f4e73c4f6941c\BIT38.tmp" Thu 22 May 2008 535,592 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a839252010b2a3660b4ca84580ecd8c3\BIT34.tmp" Tue 17 Jun 2008 612,392 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e895bb203e07bbdfe868440e8348993a\BIT39.tmp" Wed 23 Jul 2008 197,351 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4b38e912c8ee381a599c6d53fc94e7ab\download\BIT37.tmp" Wed 23 Jul 2008 13,900 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6acede1e468d41897e38ed4288f48a59\download\BIT3D.tmp" Thu 3 Jul 2008 404,029 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7dcccc5b489f481a52c50584f0656cad\download\BIT3B.tmp" Wed 23 Jul 2008 2,431,376 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c231b85b126b2aeb7319f64560d38f25\download\BIT3C.tmp" Tue 1 Apr 2008 1,390,774 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f5d7738acf9c48c006cd814026ee1a38\download\BIT3A.tmp" Finished!

Bizarrement je n'utilise pas ces trucs qui sont la depuis très longtemps, cela suffit il de les dégager purement et simplement?

Salut, Je n'ai pas eu ton dernier message, j'ai donc ramené une clef usb avec Dr Web cure it et suivi ta démarche je te joins le résultat. Au redémmarage antivir a trouvé quelquechose que j'ai deleté, tdssserv.sys c:\windows\system32\drivers BackDoor.Tdss.14 Supprimé. SDFix.exe\SDFix\apps\Process.exe C:\Documents and Settings\SAM\Bureau\SDFix.exe Tool.Prockill SDFix.exe C:\Documents and Settings\SAM\Bureau L'archive contient des éléments infectés Quarantaine. Process.exe C:\Documents and Settings\SAM\Bureau\film olive\MSNFix\incl Tool.Prockill Quarantaine. Process.exe C:\SDFix\apps Tool.Prockill Quarantaine. Virus or unwanted program 'RKIT/Clbd.KS [trojan]' detected in file 'C:\WINDOWS\system32\tdssadw.dll. Action performed: Delete file ....en 3 exemplaires au redemarrage.

Ok merci, je verrai demain, j'utiliserai une clé ou le "canon", la nuit porte conseil...merci pour la patience. Bonne nuit.

Désolé j'ai répondu sous le texte. Je ne parviens pas à ouvrir les liens.

j'ai refais malaware rapide: 6 trojans: Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1260 Windows 5.1.2600 Service Pack 2 12/10/2008 23:56:25 mbam-log-2008-10-12 (23-56-25).txt Type de recherche: Examen rapide Eléments examinés: 53648 Temps écoulé: 4 minute(s), 45 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\ (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\ (Trojan.Agent) -> Quarantined and deleted successfully. impossible de télécharger tes liens comme por kapersky...

Bad news impossible de me rendre sur le site (introuvable) quel que soit le chemin...

Suite... Avira AntiVir Personal Report file date: dimanche 12 octobre 2008 18:58 Scanning for 1369550 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: 11AB Version information: BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 05:20:53 ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 09:24:47 Engineversion : 8.1.1.19 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.63 311673 Bytes 06/08/2008 13:13:47 AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49 AERDL.DLL : 8.1.0.20 418165 Bytes 24/04/2008 12:37:48 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35 AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 06:35:21 AEHEUR.DLL : 8.1.0.47 1368437 Bytes 06/08/2008 13:13:47 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48 AEGEN.DLL : 8.1.0.35 315764 Bytes 06/08/2008 14:38:47 AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21 AECORE.DLL : 8.1.1.8 172406 Bytes 31/07/2008 08:33:21 AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:20 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: dimanche 12 octobre 2008 18:58 Starting search for hidden objects. c:\windows\system32\tdssadw.dll [iNFO] The file is not visible. [NOTE] A backup was created as '49652dec.qua' ( QUARANTINE ) c:\windows\system32\tdsserrors.log [iNFO] The file is not visible. [NOTE] A backup was created as '4aa3dc9d.qua' ( QUARANTINE ) c:\windows\system32\tdssinit.dll [iNFO] The file is not visible. [NOTE] A backup was created as '4aac34c5.qua' ( QUARANTINE ) c:\windows\system32\tdssl.dll [iNFO] The file is not visible. [NOTE] A backup was created as '4aae6d0d.qua' ( QUARANTINE ) c:\windows\system32\tdsslog.dll [iNFO] The file is not visible. [NOTE] A backup was created as '4aa84575.qua' ( QUARANTINE ) c:\windows\system32\tdssmain.dll [iNFO] The file is not visible. [NOTE] A backup was created as '4aaabdbd.qua' ( QUARANTINE ) c:\windows\system32\tdssserf.dll [iNFO] The file is not visible. [NOTE] A backup was created as '4ab495e5.qua' ( QUARANTINE ) c:\windows\system32\tdssserf1.dll [iNFO] The file is not visible. [NOTE] A backup was created as '4ab6f22d.qua' ( QUARANTINE ) c:\windows\system32\tdssservers.dat [iNFO] The file is not visible. [NOTE] A backup was created as '406ff685.qua' ( QUARANTINE ) c:\windows\system32\drivers\tdssserv.sys [iNFO] The file is not visible. [NOTE] A backup was created as '40682ecd.qua' ( QUARANTINE ) HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Safeboot\Minimal\tdssserv.sys [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Safeboot\Network\tdssserv.sys [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Safeboot\Minimal\tdssserv.sys [iNFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Safeboot\Network\tdssserv.sys [iNFO] The registry entry is invisible. '71083' objects were checked, '14' hidden objects were found. The scan of running processes will be started Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'epmworker.exe' - '1' Module(s) have been scanned Scan process 'Generic.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'SyncManager.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'CONNECTAutoUpdate.exe' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'GMRMan.exe' - '1' Module(s) have been scanned Scan process 'CapabilityManager.exe' - '1' Module(s) have been scanned Scan process 'PCLEScheduler.exe' - '1' Module(s) have been scanned Scan process 'Voxsync.exe' - '1' Module(s) have been scanned Scan process 'WinCinemaMgr.exe' - '1' Module(s) have been scanned Scan process 'CONNECTAUTrayApp.exe' - '1' Module(s) have been scanned Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'PASTARTER.EXE' - '1' Module(s) have been scanned Scan process 'issch.exe' - '1' Module(s) have been scanned Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned Scan process 'CONNECTScheduler.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'realsched.exe' - '1' Module(s) have been scanned Scan process 'qttask.exe' - '1' Module(s) have been scanned Scan process 'DEVDET~1.EXE' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'daemon.exe' - '1' Module(s) have been scanned Scan process 'mmtask.exe' - '1' Module(s) have been scanned Scan process 'LVComS.exe' - '1' Module(s) have been scanned Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'fts.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'aawservice.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'Smc.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 55 processes with 55 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '71' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\atapi.sys [WARNING] The file could not be opened! End of the scan: dimanche 12 octobre 2008 19:52 Used time: 54:01 Minute(s) The scan has been done completely. 8395 Scanning directories 353362 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 10 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 353360 Files not concerned 3797 Archives were scanned 2 Warnings 10 Notes 71083 Objects were scanned with rootkit scan 14 Hidden objects were found Après ça j'ai relancé une fois Hijackthis et supprimé les 4 lignes présentes encore pour obtenir cela: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:16:18, on 12/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\PowerArchiver\PASTARTER.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;localhost;club-internet.fr;*.club-internet.fr;grolier.fr;*.grolier.fr;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LanceurEasyBox] "C:\Program Files\Easybox\EasyBox.exe" -AutoStart O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pinnacle Scheduler.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: EasyBoxApache - Unknown owner - C:\Program Files\Easybox\Apache\Apache.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\SAM\LOCALS~1\Temp\hpdj.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2 -- End of file - 11165 bytes

Keep the fight: Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : SAM ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 081001-0] 4.8.1229 (Activated) Firewall : Sygate Personal Firewall 4.6 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total : 149 Go Free : 55 Go D:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go E:\ (CD or DVD) F:\ (CD or DVD) - CDFS - Total : 2 Go Free : 0 Go G:\ (CD or DVD) H:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 ) Option : [2] ( 12/10/2008|18:04 ) -----------\\ SUPPRESSION Supprime! - C:\WINDOWS\iun6002.exe -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (SAM) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer (SAM) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.neufportail.fr/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie"'>http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.google.com/ie" "Start Page"="http://www.msn.com/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" --------------------\\ Recherche d'autres infections --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet003\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\ControlSet003\Enum\Root\tdssserv] Trojan ! .. C:\WINDOWS\system32\drivers\tdssserv.sys Trojan ! .. C:\WINDOWS\system32\tdssservers.dat Trojan ! .. C:\WINDOWS\system32\tdssserf.dll Trojan ! .. C:\WINDOWS\system32\tdssmain.dll Trojan ! .. C:\WINDOWS\system32\tdssinit.dll Trojan ! .. C:\WINDOWS\system32\tdssadw.dll Trojan ! .. C:\WINDOWS\system32\tdsslog.dll Trojan ! .. C:\WINDOWS\system32\tdssl.dll --------------------\\ Cracks & Keygens .. C:\DOCUME~1\SAM\Bureau\Raccourcis Bureau non utilis‚s\MyTheatre[1].v3.25.1.Keygen.ZIP C:\DOCUME~1\SAM\Mes documents\Incoming\programmes_jeux\eJay dj Mix Station 2 - full multilingual version + Crack - by pollopocket.ace C:\DOCUME~1\SAM\Mes documents\Incoming\programmes_jeux\WinISO 5 3 + crack.exe C:\DOCUME~1\SAM\Mes documents\pes5\Crack C:\DOCUME~1\SAM\Mes documents\pes5\Crack\PES5.exe 1 - "C:\ToolBar SD\TB_1.txt" - 12/10/2008|17:53 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 12/10/2008|18:06 - Option : [2] -----------\\ Fin du rapport a 18:06:29,62 Scan saved at 18:09:05, on 12/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\PowerArchiver\PASTARTER.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;localhost;club-internet.fr;*.club-internet.fr;grolier.fr;*.grolier.fr;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [i downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\Pro Evolution Soccer 5 crack.exe O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LanceurEasyBox] "C:\Program Files\Easybox\EasyBox.exe" -AutoStart O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pinnacle Scheduler.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: EasyBoxApache - Unknown owner - C:\Program Files\Easybox\Apache\Apache.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\SAM\LOCALS~1\Temp\hpdj.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2 -- End of file - 11983 bytes

suite... -----------\\ ToolBar S&D 1.2.2 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : SAM ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 081001-0] 4.8.1229 (Activated) Firewall : Sygate Personal Firewall 4.6 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total : 149 Go Free : 55 Go D:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go E:\ (CD or DVD) F:\ (CD or DVD) - CDFS - Total : 2 Go Free : 0 Go G:\ (CD or DVD) H:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 ) Option : [1] ( 12/10/2008|17:51 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\WINDOWS\iun6002.exe -----------\\ Extensions (SAM) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer (SAM) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.neufportail.fr/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie"'>http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.google.com/ie" "Start Page"="http://www.msn.de/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" --------------------\\ Recherche d'autres infections --------------------\\ ROOTKIT !! Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\tdssserv] Rootkit Tibs ! .. [HKLM\..\ControlSet003\Enum\Root\LEGACY_TDSSSERV] Rootkit Tibs ! .. [HKLM\..\ControlSet003\Enum\Root\tdssserv] Trojan ! .. C:\WINDOWS\system32\drivers\tdssserv.sys Trojan ! .. C:\WINDOWS\system32\tdssservers.dat Trojan ! .. C:\WINDOWS\system32\tdssserf.dll Trojan ! .. C:\WINDOWS\system32\tdssmain.dll Trojan ! .. C:\WINDOWS\system32\tdssinit.dll Trojan ! .. C:\WINDOWS\system32\tdssadw.dll Trojan ! .. C:\WINDOWS\system32\tdsslog.dll Trojan ! .. C:\WINDOWS\system32\tdssl.dll --------------------\\ Cracks & Keygens .. C:\DOCUME~1\SAM\Bureau\Raccourcis Bureau non utilis‚s\MyTheatre[1].v3.25.1.Keygen.ZIP C:\DOCUME~1\SAM\Mes documents\Incoming\programmes_jeux\eJay dj Mix Station 2 - full multilingual version + Crack - by pollopocket.ace C:\DOCUME~1\SAM\Mes documents\Incoming\programmes_jeux\WinISO 5 3 + crack.exe C:\DOCUME~1\SAM\Mes documents\pes5\Crack C:\DOCUME~1\SAM\Mes documents\pes5\Crack\PES5.exe 1 - "C:\ToolBar SD\TB_1.txt" - 12/10/2008|17:53 - Option : [1] -----------\\ Fin du rapport a 17:53:53,89

Re je te donne les résultats: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:14:18, on 12/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Alwil Software\Avast4\setup\avast.setup C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\PowerArchiver\PASTARTER.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\WinRAR\WinRAR.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;localhost;club-internet.fr;*.club-internet.fr;grolier.fr;*.grolier.fr;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [i downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\Pro Evolution Soccer 5 crack.exe O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LanceurEasyBox] "C:\Program Files\Easybox\EasyBox.exe" -AutoStart O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\SAM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pinnacle Scheduler.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: EasyBoxApache - Unknown owner - C:\Program Files\Easybox\Apache\Apache.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\SAM\LOCALS~1\Temp\hpdj.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2 -- End of file - 12209 bytes Temps écoulé: 32 minute(s), 44 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\ (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\ (Trojan.Agent) -> Quarantined and deleted successfully.

Salut, merci de ton aide Désolé 2 tentatives infructueuses en passant par le mode sans échec...

Désolé j'ai été interrompu, j'ai essayé ce que tu m'as dit. Le mode sans échec ne propose que xp à lancer, je le lance et à aucun moment je ne peux intervenir avant le lancement effectif...

Oki merci j'ai pas mal bidouillé seul désolé... Scan saved at 19:55:36, on 11/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\PowerArchiver\PASTARTER.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\Fichiers communs\Sony Shared\GMR\GMRMan.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAutoUpdate.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;localhost;club-internet.fr;*.club-internet.fr;grolier.fr;*.grolier.fr;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [shell32] C:\WINDOWS\system32\wuauclt10.exe O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\system32\smmss.exe O4 - HKLM\..\Run: [Windows update] C:\WINDOWS\system32\wudupdate.exe O4 - HKLM\..\Run: [i downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\Pro Evolution Soccer 5 crack.exe O4 - HKLM\..\Run: [system service65] C:\WINDOWS\etb\pokapoka65.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LanceurEasyBox] "C:\Program Files\Easybox\EasyBox.exe" -AutoStart O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Pinnacle Scheduler.lnk = ? O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: EasyBoxApache - Unknown owner - C:\Program Files\Easybox\Apache\Apache.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\SAM\LOCALS~1\Temp\hpdj.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2 -- End of file - 12412 bytes

[RESOLU] En parcourant vos forums, je retrouve beaucoup de symptomes de mon Pc, j'ai téléchargé Hijackthis et fais un scan...