

MrPoke
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
Oops, I hadn't seen that, I'll get on it.
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
The first MBAM report:

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1516
Windows 5.1.2600 Service Pack 3

18/12/2008 20:21:49
mbam-log-2008-12-18 (20-21-49).txt

Type de recherche: Examen rapide
Eléments examinés: 71991
Temps écoulé: 7 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 16

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\zibuyiri.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fabireze.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\jefaduku.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bivemufi.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kapidugo.dll (Trojan.Vundo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{890df8d5-ef6b-40d7-b220-93a6a2f1add3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{890df8d5-ef6b-40d7-b220-93a6a2f1add3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{890df8d5-ef6b-40d7-b220-93a6a2f1add3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\popihogujo (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpme3198379 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\fabireze.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\fabireze.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\fabireze.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\jefaduku.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\jefaduku.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: c:\windows\system32\kapidugo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: system32\kapidugo.dll -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\firahufu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ufuharif.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\huhevita.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ativehuh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\loganini.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ininagol.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zibuyiri.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\iriyubiz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\jefaduku.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bivemufi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fabireze.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kapidugo.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rafolate.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mimoyibi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dibiyowa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\8YSMy3r6.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.

And here is the second MBAM report:

Type de recherche: Examen rapide
Eléments examinés: 66776
Temps écoulé: 2 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Thanks again, I'm going to carefully save these two programs, just in case.
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
The ComboFix report (made with F-Secure disabled, which must have blocked it before, but it didn't tell me anything).

I'm running MBAM again. Thanks, and see you tomorrow.
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
It's scanning, and 32 infected items in 44 seconds, arrgghh
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
Uhhhhhh, it's the same
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
I tested all three and the result is the same: the green bar, the hourglass, a brief flicker of the screen (as if it's refreshing the page) and that's all, no beep.
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
Thanks, how long does it take to launch?? I got a loading bar under the icon, the hourglass, and then that's all.
"freevirusscan" window and others :(
MrPoke replied to a topic by MrPoke in Malware analysis and removal
I ran an "analysis" with hijackthis logfileauswertung and deleted one entry; here is the new report. I am launching a finykill -
Hello everyone, so here it is: I was recently infected by a trojan, which I removed with Panda "online". That worked fine for two days and now it is starting again. I am posting my hijack report. Thanks in advance