

danterules
Content count: 13
Everything posted by danterules
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal

The avptool scan is finished; unfortunately I had to stop it at 99% because it got stuck on something and I couldn't "skip" it. It only detected two things, and my trojan is still detected by Antivir :/ The scan report is too long, so I can't post it; here is the beginning:

Scan
----
Scanned: 1139572
Detected: 2
Untreated: 0
Start time: 06/12/2008 19:36:30
Duration: 1 days 04:16:26
Finish time: 07/12/2008 23:52:56

Detected
--------
Status Object
------ ------
deleted: virus Worm.Win32.AutoRun.tet File: C:\WINDOWS\system32\csrsc.exe
deleted: virus Worm.Win32.AutoRun.tet File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UBSHSTWV\t[1].txt

What should I do???
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal

Oops, too late :/
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal

Windows XP SP1 Pro. ComboFix report:

ComboFix 08-12-04.04 - Dante 2008-12-04 21:43:54.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.635 [GMT 1:00]
Run from: c:\documents and settings\Dante\Bureau\ComboFix.exe
Switches used :: c:\documents and settings\Dante\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
* A new restore point was created.
.
(((((((((((((((((((((((((((((((((((( Other deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\csrsc.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_WINSPOOLSVC
-------\Service_WinSpoolSvc
.
((((((((((((((((((((((((((((( Files created from 2008-11-04 to 2008-12-04 ))))))))))))))))))))))))))))))))))))
.
2008-12-03 23:30 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-12-03 23:30 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-12-03 23:30 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
2008-12-03 23:30 . 2008-11-29 17:58 82,944 --a------ c:\windows\system32\o4Patch.exe
2008-12-03 23:30 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
2008-12-03 23:30 . 2008-11-29 17:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
2008-12-03 23:30 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
2008-12-03 23:30 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
2008-12-03 23:30 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-12-03 23:30 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-12-03 23:30 . 2008-12-04 01:27 3,232 --a------ c:\windows\system32\tmp.reg
2008-12-03 23:27 . 2008-12-04 01:18 <REP> d----c--- C:\ToolBar SD
2008-12-03 21:43 . 2008-12-03 21:43 <REP> d-------- c:\documents and settings\Dante\Application Data\Grisoft
2008-12-03 21:41 . 2008-12-03 21:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2008-12-03 21:41 . 2007-05-30 13:10 10,872 --a------ c:\windows\system32\drivers\AvgAsCln.sys
2008-12-02 22:46 . 2008-12-02 22:46 <REP> d-------- c:\program files\Avira
2008-12-02 22:46 . 2008-12-02 22:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2008-12-02 22:03 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-02 21:50 . 2008-10-16 14:09 35,864 --a------ c:\windows\system32\wucltui.dll.mui
2008-12-02 21:50 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuaucpl.cpl.mui
2008-12-02 21:50 . 2008-10-16 14:07 19,992 --a------ c:\windows\system32\wuaueng.dll.mui
2008-12-02 01:05 . 2008-12-02 01:07 <REP> d-------- c:\documents and settings\Administrateur.DANTE-28Q9BHG9R.001\Application Data\Spyware Terminator
2008-12-02 01:05 . 2008-12-02 01:05 <REP> d-------- c:\documents and settings\Administrateur.DANTE-28Q9BHG9R.001\Application Data\Malwarebytes
2008-11-29 20:01 . 2008-11-29 20:01 <REP> d--h----- c:\windows\system32\GroupPolicy
2008-11-29 19:21 . 2008-11-29 19:21 <REP> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-11-29 15:42 . 2008-12-04 20:00 <REP> d-------- c:\program files\Panda Security
2008-11-29 12:14 . 2008-11-29 12:14 <REP> d-------- c:\program files\Trend Micro
2008-11-28 19:48 . 2008-11-28 19:48 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-28 19:48 . 2008-11-28 19:48 <REP> d-------- c:\documents and settings\Dante\Application Data\Malwarebytes
2008-11-28 19:48 . 2008-11-28 19:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-28 19:48 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-28 19:48 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-26 02:26 . 2008-11-26 02:28 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-26 02:25 . 2008-11-26 02:25 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\TeaTimer (Spybot - Search & Destroy)
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\SDHelper (Spybot - Search & Destroy)
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy)
.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-04 20:51 --------- d-----w c:\program files\DNA
2008-12-04 20:51 --------- d-----w c:\documents and settings\Dante\Application Data\DNA
2008-12-03 20:22 --------- d-----w c:\program files\MSN Messenger
2008-12-02 20:22 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-29 21:47 --------- d-----w c:\program files\Navilog1
2008-11-29 00:27 135,168 ----a-w c:\windows\system32\sfc_os.dll
2008-11-26 01:27 --------- d-----w c:\program files\Lavasoft
2008-11-26 01:27 --------- d-----w c:\documents and settings\Dante\Application Data\Lavasoft
2008-11-25 20:14 --------- d-----w c:\documents and settings\Dante\Application Data\uTorrent
2008-11-17 23:38 --------- d-----w c:\documents and settings\Dante\Application Data\BitTorrent
2008-10-28 21:59 --------- d-----w c:\program files\BitTorrent
2008-10-28 12:09 --------- d-----w c:\program files\Messenger Plus! Live
2008-10-21 22:06 --------- d-----w c:\program files\OpenOffice.org1.1.5
2008-10-21 22:03 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 -c--a-w c:\windows\system32\wups.dll
2008-10-14 20:59 --------- d-----w c:\documents and settings\Dante\Application Data\OpenOffice.org
2008-10-14 20:51 --------- d-----w c:\program files\JRE
2008-10-14 20:50 --------- d-----w c:\program files\OpenOffice.org 3
2008-10-14 20:49 --------- d-----w c:\program files\Java
2008-10-10 16:25 --------- d-----w c:\documents and settings\Dante\Application Data\AdobeUM
2004-12-17 02:59 76 ---ha-w c:\program files\Desktop.ini
2004-07-22 09:51 3,432,656 -c--a-w c:\program files\ManagedDX.CAB
2004-07-19 21:58 1,156,363 -c--a-w c:\program files\BDANT.cab
2004-07-19 21:53 976,020 -c--a-w c:\program files\BDAXP.cab
2004-07-16 13:30 3,858 -c--a-w c:\program files\directx redist.txt
2004-07-09 13:17 13,265,040 -c--a-w c:\program files\dxnt.cab
2004-07-09 08:13 703,080 -c--a-w c:\program files\BDA.cab
2004-07-09 08:13 15,493,481 -c--a-w c:\program files\DirectX.cab
2004-07-09 03:08 472,576 -c--a-w c:\program files\dxsetup.exe
2004-07-09 03:08 2,242,560 -c--a-w c:\program files\dsetup32.dll
2004-07-09 02:03 62,976 -c--a-w c:\program files\DSETUP.dll
.
((((((((((((((((((((((((((((( snapshot@2008-12-04_19.16.09.14 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-12-04 18:04:54 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-12-04 20:01:12 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-12-04 18:04:54 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-12-04 20:01:12 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2008-12-04 18:04:54 589,824 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-04 20:01:12 589,824 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-04 17:15:23 262,144 ----a-w c:\windows\system32\config\systemprofile\ntuser.dat
+ 2008-12-04 20:42:51 262,144 ----a-w c:\windows\system32\config\systemprofile\ntuser.dat
.
((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not listed
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2008-02-26 5674352]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-12 342336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-12-05 176128]
"HPHUPD05"="c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe" [2003-11-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2004-02-02 495616]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2004-10-29 4620288]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2004-10-29 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-30 344064]
"RedLine Taskbar"="c:\program files\RedLine\Taskbar.exe" [2003-02-09 22528]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-21 32768]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 49152]
"dscService"="c:\windows\System32\USBPlug.exe" [2005-03-01 278528]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"SoundMan"="SOUNDMAN.EXE" [2004-01-08 c:\windows\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2004-10-29 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2002-09-07 13312]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-21 32768]

c:\documents and settings\Dante\Menu Démarrer\Programmes\Démarrage\
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-10-14 299008]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
PowerReg Scheduler.exe [2007-02-16 233472]
Stardock ObjectDock.lnk - c:\documents and settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe [2005-02-21 1826885]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-04-15 113664]
ATI CATALYST System Tray.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2004-12-21 32768]
Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-07-01 24576]
gameutil.exe.lnk - c:\program files\redline\gameutil.exe [2003-07-10 26624]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{54697F09-BAF4-422E-8E7A-A563B020B1A5}"= "c:\idrive for ibackup\IBShellView.dll" [2006-08-22 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VQC7"= P0230bde.dll
"vidc.xvid"= xvid.dll
"vidc.VP40"= vp4vfw.dll
"vidc.VP50"= vp5vfw.dll
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"="0x00000000"
"AntiVirusDisableNotify"="0x00000000"
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

R0 avgntmgr;avgntmgr;c:\windows\System32\DRIVERS\avgntmgr.sys [2008-12-02 22336]
R1 avgntdd;avgntdd;c:\windows\System32\DRIVERS\avgntdd.sys [2008-12-02 45376]
R2 IBFs;IBackup File System Driver;\??\c:\idrive for ibackup\IBfs.sys [2006-08-22 36548]
R2 WinSpoolSvc;Windows Spool Services;"c:\windows\system32\csrsc.exe" [2008-12-04 32256]
R3 Probe;Probe;c:\windows\System32\DRIVERS\probe.sys [2004-01-12 6265]
S3 AvFlt;Antivirus Filter Driver; []
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\System32\DRIVERS\fbxusb32.sys [2004-12-03 21344]
S3 IBNP;IBackup Network Provider; []
S3 P0230bBK;Creative PC-CAM 750 (Still Image);c:\windows\System32\DRIVERS\P0230bbk.sys [2004-11-25 28378]
S3 P0230bVD;Creative PC-CAM 750 (Video);c:\windows\System32\DRIVERS\P0230bvd.sys [2004-11-25 463160]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\System32\DRIVERS\s716bus.sys [2008-04-21 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\System32\DRIVERS\s716mdfl.sys [2008-04-21 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\System32\DRIVERS\s716mdm.sys [2008-04-21 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\System32\DRIVERS\s716mgmt.sys [2008-04-21 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\System32\DRIVERS\s716nd5.sys [2008-04-21 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\System32\DRIVERS\s716obex.sys [2008-04-21 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\System32\DRIVERS\s716unic.sys [2008-04-21 98952]
S4 Aspfs0lsa;Aspfs0lsa; []

*Newly Created Service* - WINSPOOLSVC
.
Contents of the 'Scheduled Tasks' folder

2008-12-04 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\pexpress\hphped05.exe [2004-01-07 06:05]

2008-11-28 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-09-01 19:04]

2008-12-04 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE []
.
.
------- Supplementary Scan -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
LSP: xfire_lsp_10650.dll
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

FireFox -: Profile - c:\documents and settings\Dante\Application Data\Mozilla\Firefox\Profiles\1vhvyazk.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.asmfoot.org/
FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmozax.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 21:50:15
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs loaded under running processes ---------------------

- - - - - - - > 'winlogon.exe'(776)
c:\windows\system32\MSGINA.dll
c:\windows\system32\ODBC32.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\xfire_lsp_10650.dll
c:\windows\System32\dssenh.dll

- - - - - - - > 'explorer.exe'(3700)
c:\documents and settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\DockShellHook.dll
c:\program files\ScanSoft\OmniPageSE\ophook32.dll
c:\program files\redline\GameUtil.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\windows\system32\CTSVCCDA.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\Fichiers communs\Teleca Shared\Generic.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\program files\MSN Messenger\usnsvc.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
.
**************************************************************************
.
Completion time: 2008-12-04 22:02:28 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-04 21:02:21
ComboFix2.txt 2008-12-04 18:17:43

Pre-Run: 1,419,350,016 bytes free
Post-Run: 1,419,759,616 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel (bootscreen)" /fastdetect /KERNEL=kernel1.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect

267
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal

I uninstalled Xfire, which I no longer use, and Spyware Terminator; is the Crawler toolbar part of it? Otherwise my PC gets fewer virus alerts from Antivir and seems faster.

Edit: my recycle bin works again after a reboot.
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal

I removed Panda, but I haven't had Norton for at least 2 years. I tried to get rid of Everest Poker by deleting it from Program Files, but when I click on the recycle bin no file appears in it; I tried with another file and it doesn't appear there either.

My HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:09, on 04/12/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\RedLine\Taskbar.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\System32\USBPlug.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\redline\gameutil.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RedLine Taskbar] C:\Program Files\RedLine\Taskbar.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [dscService] C:\WINDOWS\System32\USBPlug.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Documents and Settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: gameutil.exe.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1228251767359
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1228251174656
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

--
End of file - 10482 bytes
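The service lines and the Security Center values in the ComboFix report above, and the O23 service lines in this HijackThis log, can be triaged mechanically rather than by eye. The script below is an added example; it is not code from the forum, from ComboFix or from HijackThis. It parses both tools' service lines, flags a service binary whose name is one or two characters away from a Windows system process (csrsc.exe against the legitimate csrss.exe), flags "AntiVirusOverride" / "FirewallOverride" set to 1 (which silence the Security Center's missing-antivirus and missing-firewall warnings), and reports ComboFix's "*Newly Created Service*" marker. The regular expressions, the list of imitated system binaries and the sample excerpt (lines copied from the two reports in this thread) are the example's own assumptions.

```python
"""Triage helper for ComboFix and HijackThis service lines (added example, not either tool's code).

Flags three things that deserve a second look in the reports above:
  * a service binary whose name imitates a Windows system process,
  * Security Center "*Override" values set to 1, and
  * ComboFix's "*Newly Created Service*" marker.
The regexes, the imitated-binary list and SAMPLE_LOG are this example's own assumptions.
"""
import re

# Constructed excerpt: lines copied from the ComboFix and HijackThis reports posted above.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"="0x00000000"
"AntiVirusDisableNotify"="0x00000000"
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
R0 avgntmgr;avgntmgr;c:\windows\System32\DRIVERS\avgntmgr.sys [2008-12-02 22336]
R2 IBFs;IBackup File System Driver;\??\c:\idrive for ibackup\IBfs.sys [2006-08-22 36548]
R2 WinSpoolSvc;Windows Spool Services;"c:\windows\system32\csrsc.exe" [2008-12-04 32256]
S3 AvFlt;Antivirus Filter Driver; []
*Newly Created Service* - WINSPOOLSVC
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
"""

# Windows processes whose names malware commonly imitates (the example's own list).
SYSTEM_BINARIES = ("csrss.exe", "lsass.exe", "smss.exe", "svchost.exe", "spoolsv.exe",
                   "winlogon.exe", "services.exe", "explorer.exe", "rundll32.exe")

# ComboFix: "<start type> <name>;<display name>;<image path> [<date size>]"
COMBOFIX_SERVICE_RE = re.compile(
    r'^[RS]\d\s+(?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.*?)(?:\s*\[(?P<stamp>[^\]]*)\])?\s*$')
# HijackThis: "O23 - Service: <display> (<name>) - <company> - <image path>"; split on the
# last two " - " because the display name itself may contain " - ".
HJT_SERVICE_PREFIX = "O23 - Service: "
OVERRIDE_RE = re.compile(r'^"(?P<key>AntiVirusOverride|FirewallOverride)"=dword:0*1$')
NEW_SERVICE_RE = re.compile(r'^\*Newly Created Service\*\s*-\s*(?P<name>\S+)')


def edit_distance(a, b):
    """Levenshtein distance; enough to catch one- or two-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def binary_name(path):
    """Lower-cased file name from a quoted, \\??\\-prefixed or plain Windows path."""
    path = path.strip().strip('"')
    if path.startswith("\\??\\"):
        path = path[4:]
    return path.rsplit("\\", 1)[-1].lower()


def parse_service(line):
    """Return (service name, image path) for a ComboFix or HijackThis service line, else None."""
    m = COMBOFIX_SERVICE_RE.match(line)
    if m:
        return m["name"], m["path"]
    if line.startswith(HJT_SERVICE_PREFIX):
        parts = line[len(HJT_SERVICE_PREFIX):].rsplit(" - ", 2)
        if len(parts) == 3:
            return parts[0], parts[2]
    return None


def lookalike(path):
    """(image name, nearest system binary, distance) when 1-2 edits apart, else None."""
    base = binary_name(path)
    if not base:
        return None  # drivers/services listed with no image path (AvFlt, IBNP) are skipped
    nearest = min(SYSTEM_BINARIES, key=lambda s: edit_distance(base, s))
    d = edit_distance(base, nearest)
    return (base, nearest, d) if 0 < d <= 2 else None


def triage(log_text):
    """Return (kind, subject, detail) findings for a pasted report."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = OVERRIDE_RE.match(line)
        if m:
            findings.append(("security_center_override", m["key"],
                             "Security Center told not to warn about missing AV/firewall"))
            continue
        m = NEW_SERVICE_RE.match(line)
        if m:
            findings.append(("new_service", m["name"], "service created during the infection window"))
            continue
        svc = parse_service(line)
        if svc:
            name, path = svc
            hit = lookalike(path)
            if hit:
                base, nearest, d = hit
                findings.append(("lookalike_binary", name, f"{base} is {d} edit(s) from {nearest}"))
    return findings


if __name__ == "__main__":
    for kind, subject, detail in triage(SAMPLE_LOG):
        print(f"{kind:25} {subject:15} {detail}")
```

Run as a script it reports the two override values, the WinSpoolSvc service (csrsc.exe one edit from csrss.exe) and the new-service marker; pass a whole saved report to triage() to scan it. The distance check reports only names one or two characters from a system process, so a legitimate spoolsv.exe service is not flagged, and entries with an empty image path such as AvFlt are skipped rather than guessed at.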
infection TR/Crypt.ULPM.Gen
danterules a répondu à un(e) sujet de danterules dans Analyses et éradication malwares
Here is the ComboFix report:

ComboFix 08-12-03.04 - Dante 2008-12-04 18:59:07.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.655 [GMT 1:00]
Lancé depuis: c:\documents and settings\Dante\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\i
c:\windows\system32\open.ico
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_WINSPOOLSVC
-------\Service_WinSpoolSvc
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-04 au 2008-12-04 ))))))))))))))))))))))))))))))))))))
.
2008-12-03 23:30 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-12-03 23:30 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-12-03 23:30 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
2008-12-03 23:30 . 2008-11-29 17:58 82,944 --a------ c:\windows\system32\o4Patch.exe
2008-12-03 23:30 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
2008-12-03 23:30 . 2008-11-29 17:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
2008-12-03 23:30 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
2008-12-03 23:30 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
2008-12-03 23:30 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-12-03 23:30 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-12-03 23:30 . 2008-12-04 01:27 3,232 --a------ c:\windows\system32\tmp.reg
2008-12-03 23:27 . 2008-12-04 01:18 <REP> d----c--- C:\ToolBar SD
2008-12-03 21:43 . 2008-12-03 21:43 <REP> d-------- c:\documents and settings\Dante\Application Data\Grisoft
2008-12-03 21:41 . 2008-12-03 21:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2008-12-03 21:41 . 2007-05-30 13:10 10,872 --a------ c:\windows\system32\drivers\AvgAsCln.sys
2008-12-02 22:46 . 2008-12-02 22:46 <REP> d-------- c:\program files\Avira
2008-12-02 22:46 . 2008-12-02 22:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2008-12-02 22:15 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2008-12-02 22:03 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-02 21:50 . 2008-10-16 14:09 35,864 --a------ c:\windows\system32\wucltui.dll.mui
2008-12-02 21:50 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuaucpl.cpl.mui
2008-12-02 21:50 . 2008-10-16 14:07 19,992 --a------ c:\windows\system32\wuaueng.dll.mui
2008-12-02 01:05 . 2008-12-02 01:07 <REP> d-------- c:\documents and settings\Administrateur.DANTE-28Q9BHG9R.001\Application Data\Spyware Terminator
2008-12-02 01:05 . 2008-12-02 01:05 <REP> d-------- c:\documents and settings\Administrateur.DANTE-28Q9BHG9R.001\Application Data\Malwarebytes
2008-11-29 20:01 . 2008-11-29 20:01 <REP> d--h----- c:\windows\system32\GroupPolicy
2008-11-29 19:21 . 2008-11-29 19:21 <REP> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-11-29 19:10 . 2008-12-02 21:41 <REP> d-------- c:\program files\Spyware Terminator
2008-11-29 19:10 . 2008-12-02 21:35 <REP> d-------- c:\documents and settings\Dante\Application Data\Spyware Terminator
2008-11-29 19:10 . 2008-12-02 21:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Spyware Terminator
2008-11-29 19:10 . 2008-11-29 19:10 142,592 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys
2008-11-29 15:42 . 2008-11-29 15:42 <REP> d-------- c:\program files\Panda Security
2008-11-29 12:14 . 2008-11-29 12:14 <REP> d-------- c:\program files\Trend Micro
2008-11-28 19:48 . 2008-11-28 19:48 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-28 19:48 . 2008-11-28 19:48 <REP> d-------- c:\documents and settings\Dante\Application Data\Malwarebytes
2008-11-28 19:48 . 2008-11-28 19:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-28 19:48 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-28 19:48 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-26 02:26 . 2008-11-26 02:28 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-26 02:25 . 2008-11-26 02:25 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\TeaTimer (Spybot - Search & Destroy)
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\SDHelper (Spybot - Search & Destroy)
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2008-11-22 18:32 . 2008-11-22 18:32 <REP> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy)
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-04 18:05 --------- d-----w c:\program files\DNA
2008-12-04 18:05 --------- d-----w c:\documents and settings\Dante\Application Data\DNA
2008-12-03 20:22 --------- d-----w c:\program files\MSN Messenger
2008-12-02 20:22 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-29 21:47 --------- d-----w c:\program files\Navilog1
2008-11-29 00:27 135,168 ----a-w c:\windows\system32\sfc_os.dll
2008-11-26 01:51 --------- d-----w c:\program files\Everest Poker
2008-11-26 01:27 --------- d-----w c:\program files\Lavasoft
2008-11-26 01:27 --------- d-----w c:\documents and settings\Dante\Application Data\Lavasoft
2008-11-25 20:14 --------- d-----w c:\documents and settings\Dante\Application Data\uTorrent
2008-11-17 23:38 --------- d-----w c:\documents and settings\Dante\Application Data\BitTorrent
2008-10-28 21:59 --------- d-----w c:\program files\BitTorrent
2008-10-28 12:09 --------- d-----w c:\program files\Messenger Plus! Live
2008-10-21 22:06 --------- d-----w c:\program files\OpenOffice.org1.1.5
2008-10-21 22:03 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 -c--a-w c:\windows\system32\wups.dll
2008-10-14 20:59 --------- d-----w c:\documents and settings\Dante\Application Data\OpenOffice.org
2008-10-14 20:51 --------- d-----w c:\program files\JRE
2008-10-14 20:50 --------- d-----w c:\program files\OpenOffice.org 3
2008-10-14 20:49 --------- d-----w c:\program files\Java
2008-10-10 16:25 --------- d-----w c:\documents and settings\Dante\Application Data\AdobeUM
2004-12-17 02:59 76 ---ha-w c:\program files\Desktop.ini
2004-07-22 09:51 3,432,656 -c--a-w c:\program files\ManagedDX.CAB
2004-07-19 21:58 1,156,363 -c--a-w c:\program files\BDANT.cab
2004-07-19 21:53 976,020 -c--a-w c:\program files\BDAXP.cab
2004-07-16 13:30 3,858 -c--a-w c:\program files\directx redist.txt
2004-07-09 13:17 13,265,040 -c--a-w c:\program files\dxnt.cab
2004-07-09 08:13 703,080 -c--a-w c:\program files\BDA.cab
2004-07-09 08:13 15,493,481 -c--a-w c:\program files\DirectX.cab
2004-07-09 03:08 472,576 -c--a-w c:\program files\dxsetup.exe
2004-07-09 03:08 2,242,560 -c--a-w c:\program files\dsetup32.dll
2004-07-09 02:03 62,976 -c--a-w c:\program files\DSETUP.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2008-02-26 5674352]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-12 342336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-12-05 176128]
"HPHUPD05"="c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe" [2003-11-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2004-02-02 495616]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2004-10-29 4620288]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2004-10-29 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-30 344064]
"RedLine Taskbar"="c:\program files\RedLine\Taskbar.exe" [2003-02-09 22528]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-21 32768]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 49152]
"dscService"="c:\windows\System32\USBPlug.exe" [2005-03-01 278528]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"SoundMan"="SOUNDMAN.EXE" [2004-01-08 c:\windows\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2004-10-29 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2002-09-07 13312]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-21 32768]

c:\documents and settings\Dante\Menu Démarrer\Programmes\Démarrage\
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-10-14 299008]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
PowerReg Scheduler.exe [2007-02-16 233472]
Stardock ObjectDock.lnk - c:\documents and settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe [2005-02-21 1826885]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-04-15 113664]
ATI CATALYST System Tray.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2004-12-21 32768]
Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-07-01 24576]
gameutil.exe.lnk - c:\program files\redline\gameutil.exe [2003-07-10 26624]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{54697F09-BAF4-422E-8E7A-A563B020B1A5}"= "c:\idrive for ibackup\IBShellView.dll" [2006-08-22 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VQC7"= P0230bde.dll
"vidc.xvid"= xvid.dll
"vidc.VP40"= vp4vfw.dll
"vidc.VP50"= vp5vfw.dll
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"="0x00000000"
"AntiVirusDisableNotify"="0x00000000"
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

R0 avgntmgr;avgntmgr;c:\windows\System32\DRIVERS\avgntmgr.sys [2008-12-02 22336]
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [2008-12-02 28544]
R1 avgntdd;avgntdd;c:\windows\System32\DRIVERS\avgntdd.sys [2008-12-02 45376]
R2 IBFs;IBackup File System Driver;\??\c:\idrive for ibackup\IBfs.sys [2006-08-22 36548]
R3 Probe;Probe;c:\windows\System32\DRIVERS\probe.sys [2004-01-12 6265]
S3 AvFlt;Antivirus Filter Driver; []
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\System32\DRIVERS\fbxusb32.sys [2004-12-03 21344]
S3 IBNP;IBackup Network Provider; []
S3 P0230bBK;Creative PC-CAM 750 (Still Image);c:\windows\System32\DRIVERS\P0230bbk.sys [2004-11-25 28378]
S3 P0230bVD;Creative PC-CAM 750 (Video);c:\windows\System32\DRIVERS\P0230bvd.sys [2004-11-25 463160]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\System32\DRIVERS\s716bus.sys [2008-04-21 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\System32\DRIVERS\s716mdfl.sys [2008-04-21 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\System32\DRIVERS\s716mdm.sys [2008-04-21 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\System32\DRIVERS\s716mgmt.sys [2008-04-21 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\System32\DRIVERS\s716nd5.sys [2008-04-21 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\System32\DRIVERS\s716obex.sys [2008-04-21 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\System32\DRIVERS\s716unic.sys [2008-04-21 98952]
S4 Aspfs0lsa;Aspfs0lsa; []
.
Contenu du dossier 'Tâches planifiées'
2008-12-04 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\pexpress\hphped05.exe [2004-01-07 06:05]
2008-11-28 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-09-01 19:04]
2008-12-04 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE []
.
- - - - ORPHELINS SUPPRIMES - - - -
HKU-Default-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALUNotify.exe
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
LSP: xfire_lsp_10650.dll
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FireFox -: Profile - c:\documents and settings\Dante\Application Data\Mozilla\Firefox\Profiles\1vhvyazk.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.asmfoot.org/
FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmozax.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 19:05:20
Windows 5.1.2600 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(776)
c:\windows\system32\MSGINA.dll
c:\windows\system32\ODBC32.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\xfire_lsp_10650.dll
c:\windows\System32\dssenh.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wdfmgr.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Fichiers communs\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\program files\MSN Messenger\usnsvc.exe
.
**************************************************************************
.
Heure de fin: 2008-12-04 19:17:40 - La machine a redémarré [Dante]
ComboFix-quarantined-files.txt 2008-12-04 18:17:29
Avant-CF: 1,535,307,776 octets libres
Après-CF: 1,517,379,584 octets libres
250
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal
It stayed stuck at "winxpsp1_fr_pro_bf.exe : .......", so I relaunched it and tried again to install the console, without success. I answered "No" on the third attempt and the disinfection seems to be working: it rebooted and is now preparing its report.
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal
Is it normal for this to take so long? It has been at "winxpsp1_fr_pro_bf.exe : ......." for more than half an hour. PS: I am replying from another computer.
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal
Oops, I hadn't seen it:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:41, on 04/12/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\RedLine\Taskbar.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\System32\USBPlug.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\redline\gameutil.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Documents and Settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RedLine Taskbar] C:\Program Files\RedLine\Taskbar.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [dscService] C:\WINDOWS\System32\USBPlug.exe
O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Documents and Settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: gameutil.exe.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_pao_med.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1228251767359
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1228251174656
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/default.cab?uid=9&...id=34574&1s
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {C5FA482C-49E9-47C1-BD45-EC19E9FAD835} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Windows Spool Services (WinSpoolSvc) - Unknown owner - C:\WINDOWS\system32\csrsc.exe (file missing)

--
End of file - 10950 bytes
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal
Hello again. I ran the Malwarebytes scan, but unfortunately the first time my computer crashed during the reboot Malwarebytes asked for. Here is the report:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1455
Windows 5.1.2600 Service Pack 1

04/12/2008 08:39:44
mbam-log-2008-12-04 (08-39-44).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 135794
Temps écoulé: 2 hour(s), 56 minute(s), 30 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winspoolsvc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\winspoolsvc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winspoolsvc (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\csrsc.exe (Trojan.Agent) -> Delete on reboot.

So I ran another scan, followed by a reboot, which did not crash this time but took a very long time (more than 8 hours), slowed down by AntiVir, I think because of the virus alerts:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1455
Windows 5.1.2600 Service Pack 1

04/12/2008 17:19:16
mbam-log-2008-12-04 (17-19-16).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 135400
Temps écoulé: 8 hour(s), 6 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\csrsc.exe (Trojan.Agent) -> Delete on reboot.
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Malware analysis and removal
OK, I will be careful with cracks. Here are the 2 reports:

ToolBar S&D report:

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.20GHz )
BIOS : BIOS Date: 09/07/04 23:47:53 Ver: 08.00.09
USER : Dante ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:1 Go)
D:\ (CD or DVD)
E:\ (USB)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 04/12/2008| 1:15 )

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(Dante) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(Dante) - {36C13C8F-54F1-412e-8177-2E411719162D} => chrome
(Dante) - {4674e8a2-eb7e-4822-b517-b18328b3e8e8} => plastikfox_1.5.1-1
(Dante) - {4674e8a2-eb7e-4822-b517-b18328b3e8e8} => plastikfox_1.5.1
(Dante) - {52709a28-cbed-45c9-94b6-553359d3b46f} => fireworld-0.3-fx
(Dante) - {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} => walnut
(Dante) - {720EDA4B-856E-4D8D-906B-A5A0293A7500} => lebreeze
(Dante) - {7E77F5DF-8022-40e3-9122-F03DEBEFC43B} => psicotsi
(Dante) - {84b24861-62f6-364b-eba5-2e5e2061d7e6} => mediaplayerconnectivity
(Dante) - {88cb9cff-ee4a-481e-bb22-ab5c05e04c22} => phoenity-1.4.1-fx
(Dante) - {9d1f059c-cada-4111-9696-41a62d64e3ba} => foxtrick
(Dante) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(Dante) - {F44A59FC-F61F-46ab-8FD4-444CED7C412A} => platinum-1.0.1-fx
(Dante) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\System32\\blank.htm"
"Start Page"="http://www.google.fr/"
"Search Bar"="http://www.cttpvhohakevxogfem.com/MapKpghRrEukvNBIO6ZLOVUE2JZmjLf/jIOxB7DWN0yKLjU3puxk1w3THkXrn5A7.asp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.msn.com/"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Dante\Mes documents\The-Chronicles-of-Riddick-Crack.rar
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r00
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r01
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r02
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r03
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r04
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r05
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r06
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r07
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r08
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r09
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r10
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.rar
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.sfv
C:\DOCUME~1\Dante\Mes documents\Mes fichiers reçus\Half-Life 2 Crack Nocd Keygen.zip

1 - "C:\ToolBar SD\TB_1.txt" - 03/12/2008|23:29 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/12/2008| 1:18 - Option : [2]

-----------\\ Fin du rapport a 1:18:42,01

SmitFraudFix report:

SmitFraudFix v2.380

Rapport fait à 1:26:12,59, 04/12/2008
Executé à partir de C:\Documents and Settings\Dante\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\config.ini supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CS3\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters:
DhcpNameServer=212.27.40.240 212.27.40.241 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin -
infection TR/Crypt.ULPM.Gen
danterules replied to a topic by danterules in Analyses et éradication malwares
Thanks for your help.

toolbar report:

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.20GHz )
BIOS : BIOS Date: 09/07/04 23:47:53 Ver: 08.00.09
USER : Dante ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:1 Go)
D:\ (CD or DVD)
E:\ (USB)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 03/12/2008|23:28 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\Dante\Favoris\Kazaa Lite K++.url
C:\WINDOWS\System32\b4fm.dll

-----------\\ Extensions

(Dante) - {0545b830-f0aa-4d7e-8820-50a4629a56fe} => clrtabs
(Dante) - {36C13C8F-54F1-412e-8177-2E411719162D} => chrome
(Dante) - {4674e8a2-eb7e-4822-b517-b18328b3e8e8} => plastikfox_1.5.1-1
(Dante) - {4674e8a2-eb7e-4822-b517-b18328b3e8e8} => plastikfox_1.5.1
(Dante) - {52709a28-cbed-45c9-94b6-553359d3b46f} => fireworld-0.3-fx
(Dante) - {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} => walnut
(Dante) - {720EDA4B-856E-4D8D-906B-A5A0293A7500} => lebreeze
(Dante) - {7E77F5DF-8022-40e3-9122-F03DEBEFC43B} => psicotsi
(Dante) - {84b24861-62f6-364b-eba5-2e5e2061d7e6} => mediaplayerconnectivity
(Dante) - {88cb9cff-ee4a-481e-bb22-ab5c05e04c22} => phoenity-1.4.1-fx
(Dante) - {9d1f059c-cada-4111-9696-41a62d64e3ba} => foxtrick
(Dante) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(Dante) - {F44A59FC-F61F-46ab-8FD4-444CED7C412A} => platinum-1.0.1-fx
(Dante) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\System32\\blank.htm"
"Start Page"="http://www.google.fr/"
"Search Bar"="http://www.cttpvhohakevxogfem.com/MapKpghRrEukvNBIO6ZLOVUE2JZmjLf/jIOxB7DWN0yKLjU3puxk1w3THkXrn5A7.asp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Dante\Mes documents\The-Chronicles-of-Riddick-Crack.rar
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r00
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r01
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r02
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r03
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r04
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r05
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r06
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r07
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r08
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r09
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r10
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.rar
C:\DOCUME~1\Dante\Mes documents\Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.sfv
C:\DOCUME~1\Dante\Mes documents\Mes fichiers reçus\Half-Life 2 Crack Nocd Keygen.zip

1 - "C:\ToolBar SD\TB_1.txt" - 03/12/2008|23:29 - Option : [1]

-----------\\ Fin du rapport a 23:29:28,04

smit report:

SmitFraudFix v2.380

Rapport fait à 23:34:55,50, 03/12/2008
Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\RedLine\Taskbar.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\System32\USBPlug.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\redline\gameutil.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\cmd.exe
C:\WINDOWS\notepad.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\config.ini PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dante

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dante\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dante\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dante\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 213.228.0.95
DNS Server Search Order: 213.228.0.96
Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family #3 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.240
DNS Server Search Order: 212.27.40.241
Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.39.135
DNS Server Search Order: 212.27.32.5

HKLM\SYSTEM\CCS\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CS3\Services\Tcpip\..\{B76F3DA8-0EDB-4383-A654-7983A2DD9964}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DAC8D388-B803-4009-A595-B82172E1E144}: DhcpNameServer=212.27.39.135 212.27.32.5
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DE0CC0EA-7C59-4727-A6DD-8F7126DC3737}: DhcpNameServer=213.228.0.95 213.228.0.96
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

-
Hello, I've been infected by a trojan, TR/Crypt.ULPM.Gen, and by other viruses whose names turn up nothing on Google (such as BAT/FtpGet.1), which Avira AntiVir reports to me. I tried to sort it out on my own by looking at how other people got rid of it, but without success. What should I do? Your help would be very precious, since I'm hopeless with computers and this trojan horse is making my life miserable. On top of that, I get the impression it is bringing in more and more viruses. Thanks in advance.

Here is my HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:53:31, on 03/12/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\RedLine\Taskbar.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\System32\USBPlug.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\redline\gameutil.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cttpvhohakevxogfem.com/MapKpghR...w3THkXrn5A7.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RedLine Taskbar] C:\Program Files\RedLine\Taskbar.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [dscService] C:\WINDOWS\System32\USBPlug.exe
O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Documents and Settings\Dante\Mes documents\Longhorn Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: gameutil.exe.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_pao_med.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1228251767359
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1228251174656
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/default.cab?uid=9&...id=34574&1s
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {C5FA482C-49E9-47C1-BD45-EC19E9FAD835} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Windows Spool Services (WinSpoolSvc) - Unknown owner - C:\WINDOWS\system32\csrsc.exe (file missing)

--
End of file - 10937 bytes