

Everything posted by bounz
Home computer infected
bounz replied to a topic by bounz in Malware analysis and eradication
[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\FixWareOut: trouvé !
C:\Documents and Settings\Administrateur.SWEET-46E66140E\*.msnfix: trouvé !
C:\Documents and Settings\Administrateur.SWEET-46E66140E\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\WINDOWS.0\Gmer.exe: trouvé !
C:\WINDOWS.0\msnfix.txt: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\Administrateur.SWEET-46E66140E\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\WINDOWS.0\Gmer.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\Documents and Settings\Administrateur.SWEET-46E66140E\*.msnfix: ERREUR DE SUPPRESSION !!
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\WINDOWS.0\msnfix.txt: supprimé !
C:\FixWareOut: supprimé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Home computer infected
bounz replied to a topic by bounz in Malware analysis and eradication
No more spam apparently, so it must be fine! Thank you for your very valuable help and for devoting time to internet users in difficulty!
Home computer infected
bounz replied to a topic by bounz in Malware analysis and eradication
Here is the Kaspersky report:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, January 11, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, January 11, 2009 11:26:41
Records in database: 1602210
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer: C:\ D:\ E:\ G:\ H:\ I:\ J:\
Scan statistics:
Files scanned: 124634
Threat name: 6
Infected objects: 7
Suspicious objects: 0
Duration of the scan: 03:35:54
File name / Threat name / Threats count
C:\Documents and Settings\Administrateur\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe Infected: not-a-virus:Downloader.Win32.ImLoader.g 1
C:\ircN\system\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.62 1
C:\Program Files\Kazaa\kazaa.exe Infected: not-a-virus:AdWare.Win32.Altnet.d 1
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.62 1
C:\QooBox\Quarantine\C\WINDOWS.0\system32\adssite_sidebar.dll.vir Infected: not-a-virus:AdWare.Win32.Agent.zm 1
C:\QooBox\Quarantine\C\WINDOWS.0\system32\iebrowserc.dll.vir Infected: not-a-virus:AdWare.Win32.Vapsup.awu 1
C:\WINDOWS.0\system32\cmdow.exe Infected: not-a-virus:RiskTool.Win32.HideWindows 1
The selected area was scanned.
Home computer infected
bounz replied to a topic by bounz in Malware analysis and eradication
So, for the Java version, I update it every time it asks me to, so OK. For Combofix, no problem, I won't use it if you tell me it isn't necessary; I had just downloaded it to move things along if needed. The Kaspersky scan is in progress.
Home computer infected
bounz replied to a topic by bounz in Malware analysis and eradication
OK. The report shouldn't have taken so long, except that whenever a virus spam popup appeared, it didn't continue until I had closed the window; in the end, it took much longer. Thank you, you are very fast!
Home computer infected
bounz replied to a topic by bounz in Malware analysis and eradication
So, it took a long time, but I was very surprised to see so many files affected! For the mbam report:
For the HijackThis report:
I still had two spam alerts that appeared when the desktop opened this morning; I noted them down to try to help you as best I can.
_ Tr/Drop.Mini.B
_ Tr/Crypt.Xpack.Gen
Sorry again for giving you so much work! I downloaded "combofix" because, looking at a few forums, I noticed that it has to be used in certain cases (installed on my desktop). Thanks again for your help.
Home computer infected
bounz replied to a topic by bounz in Analyses et éradication malwares
Super fast, thanks, I'll take care of it as soon as possible! -
Hello, since this morning my antivirus (AntiVir) has been detecting a trojan, with alerts spamming continuously. Some time ago, after a wrong move, I had been infected via MSN; I cleaned that up with msnfix, which worked very well. But as for the trojan, I am not really qualified to work out and know how to remove it. So I am calling on you to help me. (Several of us use this computer.)

The HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:41, on 10/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS.0\system32\oodag.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\SOUNDMAN.EXE
C:\Program Files\CD-R\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\PROGRA~1\IncrediMail\bin\IMApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS.0\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur.SWEET-46E66140E\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: adssite - {65993bba-c81a-9750-85a7-a3c99cdebf89} - C:\WINDOWS.0\system32\nse2F.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS.0\system32\ssqQgghi.dll (file missing)
O2 - BHO: (no name) - {7438BA5B-054F-4CAF-AADC-402ECBEE7E7C} - C:\WINDOWS.0\system32\opnkjGWn.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {ad3fb41d-8807-c6c8-9ac4-9a7f2ac91d4b} - {b4d19ca2-f7a9-4ca9-8c6c-7088d14bf3da} - C:\WINDOWS.0\system32\zflegc.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {c5e11437-31cd-466f-8dc3-b53a4666faf1} - C:\WINDOWS.0\system32\paluzohe.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\CD-R\DAEMON Tools\daemon.exe\" -lang 1033
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS.0\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS.0\system32\config\SYSTEM~1\LOCALS~1\Temp\E_S1AD.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [kukopehalu] Rundll32.exe "C:\WINDOWS.0\system32\rojerobe.dll",s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Administrateur.SWEET-46E66140E\Application Data\Mozilla\Firefox\Profiles\i41p745p.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Administrateur.SWEET-46E66140E\Application Data\Mozilla\Firefox\Profiles/i41p745p.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [kukopehalu] Rundll32.exe "C:\WINDOWS.0\system32\rojerobe.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS.0\eHome" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS.0\Srchasst" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS.0\system32\Oobe" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS.0\Help\Tours" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS.0\system32\Inetsrv" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_08] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_09] rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_10] cmd.exe /c md "%SystemRoot%\System32\dllcache" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_12] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_13] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS.0\eHome" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.0\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ae859535835044e6afd2affa48d3cf09
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ae859535835044e6afd2affa48d3cf09
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1168984703859
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.eu/Register/Bra...018/flashax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS.0\system32\jemufoka.dll
O20 - Winlogon Notify: ssqQgghi - ssqQgghi.dll (file missing)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS.0\system32\cisvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS.0\system32\oodag.exe
-- End of file - 13745 bytes

Thank you for your help.