

Amarillo
Since I uninstalled my codec pack and installed the other one, Windows Media Player no longer has the codecs to play certain MP3 audio files. Also, ZoneAlarm is still an unrecognized Win32 application; I am uninstalling and reinstalling it. I will keep you posted. Thanks.
-
As for the codecs, I uninstalled ....Klite codec (isn't that the same one you are recommending? Do I have any other packs that you might have seen? I use Media Player Classic and VLC). See you later.
-
Hello,

I followed your checklist. I still have one big problem: my internet connection only holds for about 30" after each reboot. The registry key is nevertheless still at 3, and I did "repair" the connection. In those 30" I was able to update MAM. It found nothing more. However, I could not run the Kaspersky online scan. Here are the JavaRa report and one HijackThis log (in 2 separate messages for clarity). Thanks.

JavaRa 1.13 Removal Log.
The JavaRa removal process was started on Fri Feb 06 09:17:11 2009
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:20:04, on 06/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
-
MAM

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1654
Windows 5.1.2600 Service Pack 2

05/02/2009 16:48:55
mbam-log-2009-02-05 (16-48-26).txt

Type de recherche: Examen complet (C:\|D:\|E:\|K:\|L:\|M:\|S:\|)
Eléments examinés: 411854
Temps écoulé: 2 hour(s), 32 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\Documents and Settings\Renato\Application Data\drivers\srosa2.sys.vir (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{0B9CDE62-84ED-4D2C-A49D-B8930EAF0827}\RP2\A0000116.sys (Worm.Bagel) -> No action taken.
-
Sorry, I'm p***** off by the network, which shows up for 30" at reboot; I keep using the other PC, and with all this back and forth I missed the last message. I have MAM running (no connection with the minister!). I have to go out to see clients, so I will post all of that when I get back. Regards
-
ComboFix 09-02-04.04 - Renato 2009-02-05 12:56:02.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1023.599 [GMT 1:00]
Lancé depuis: c:\documents and settings\Renato\Bureau\Amarillo-CF.exe
Commutateurs utilisés :: c:\documents and settings\Renato\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
FW: ZoneAlarm Firewall *enabled*
-
I did what you told me. In the registry, the value had indeed changed to 4. I then tried to install the console: an alert about the presence of the AntiVir scanner. Since I had already had this problem before and I assumed that this was what had broken the console install, I uninstalled AntiVir with CCleaner. It asked to reboot. On reboot, no connection again, and yet the registry key is at 3. See you later
-
I can't browse the web (neither IE nor Mozilla) on the PC; even though it shows the connection as OK, the throughput is almost zero
-
ComboFix 09-02-04.01 - Renato 2009-02-05 10:47:20.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1023.750 [GMT 1:00] Lancé depuis: c:\documents and settings\Renato\Bureau\Amarillo-CF.exe AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) FW: ZoneAlarm Firewall *enabled* * Un nouveau point de restauration a été créé AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SROSA -------\Legacy_SROSA -------\Legacy_SK9OU0S -------\Service_sK9Ou0s ((((((((((((((((((((((((((((( Fichiers créés du 2009-01-05 au 2009-02-05 )))))))))))))))))))))))))))))))))))) . 2009-02-05 08:58 . 2009-02-05 08:58 <REP> d-------- c:\program files\AxBx 2009-02-04 19:13 . 2009-02-04 19:13 <REP> d-------- c:\documents and settings\Renato\Application Data\IsolatedStorage 2009-02-04 19:12 . 2009-02-04 19:12 <REP> d-------- c:\windows\system32\URTTEMP 2009-02-04 19:08 . 2009-02-04 19:08 <REP> d-------- c:\program files\Symantec 2009-02-04 19:08 . 2009-02-04 19:08 <REP> d-------- c:\program files\Fichiers communs\Symantec Shared 2009-02-04 18:56 . 2009-02-05 10:49 <REP> d--h----- c:\documents and settings\Renato\Application Data\drivers 2009-01-30 14:44 . 2004-08-19 15:55 274,944 --a------ c:\windows\system32\drivers\bthport.sys 2009-01-30 14:44 . 2004-08-19 16:09 154,112 --a------ c:\windows\system32\irftp.exe 2009-01-30 14:44 . 2004-08-03 22:58 100,992 --a------ c:\windows\system32\drivers\bthpan.sys 2009-01-30 14:44 . 2004-08-03 23:10 59,648 --a------ c:\windows\system32\drivers\rfcomm.sys 2009-01-30 14:44 . 2004-08-19 16:09 28,160 --a------ c:\windows\system32\irmon.dll 2009-01-30 14:44 . 2004-08-03 23:10 18,944 --a------ c:\windows\system32\drivers\BTHUSB.SYS 2009-01-30 14:44 .
2004-08-03 23:10 17,024 --a------ c:\windows\system32\drivers\BthEnum.sys 2009-01-30 14:44 . 2004-08-19 16:09 8,192 --a------ c:\windows\system32\wshirda.dll 2009-01-21 15:54 . 2009-01-21 15:54 <REP> d-------- c:\documents and settings\Renato\Application Data\DassaultSystemes 2009-01-21 15:54 . 2009-01-21 15:54 <REP> d-------- c:\documents and settings\All Users\Application Data\DassaultSystemes 2009-01-12 09:59 . 2009-01-12 09:59 <REP> d-------- c:\program files\SlySoft . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-05 09:55 35,180,576 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-02-05 09:52 421,556 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-02-04 19:52 --------- d-----w c:\program files\ALZip 2009-02-04 16:21 --------- d-----w c:\program files\eMule 2009-02-02 12:41 --------- d-----w c:\program files\Radio Fr Solo 2009-01-30 14:11 4,401,915 ----a-w c:\windows\Internet Logs\tvDebug.zip 2009-01-24 02:57 766,464 ----a-w c:\windows\Internet Logs\xDB6.tmp 2009-01-09 07:18 2,642,432 ----a-w c:\windows\Internet Logs\xDB5.tmp 2009-01-02 13:40 --------- d-----w c:\program files\Brother 2009-01-02 13:39 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-02 13:39 --------- d-----w c:\program files\Fichiers communs\InstallShield 2009-01-02 13:39 --------- d-----w c:\program files\Common Files 2009-01-02 13:37 --------- d-----w c:\program files\ScanSoft 2009-01-02 13:37 --------- d-----w c:\program files\Fichiers communs\ScanSoft Shared 2009-01-02 13:37 --------- d-----w c:\documents and settings\All Users\Application Data\ScanSoft 2009-01-02 13:37 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield 2009-01-02 13:36 --------- d-----w c:\documents and settings\All Users\Application Data\Brother 2008-12-26 20:37 --------- d-----w c:\documents and settings\Renato\Application Data\MiniLyrics 2008-12-26 18:47 --------- d-----w 
c:\program files\Minilyrics 2008-12-26 12:40 --------- d-----w c:\program files\TELL ME MORE NV ANGLAIS PRESTIGE 2008-12-26 09:22 --------- d-----w c:\program files\Larousse 2008-12-26 09:14 --------- d-----w c:\program files\Power Translator 10 . ------- Sigcheck ------- 2005-06-28 17:56 359808 77c0c5e7d6cfe2052b8cf28b8722f528 c:\windows\system32\drivers\tcpip.sys 2007-07-18 20:14 506368 fa7c7c2b461130a792adf6a28f1d652b c:\windows\system32\winlogon.exe 2007-08-06 10:51 3256832 7c56d56d6be0760ddf9a37344731bd3f c:\windows\explorer.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360] "LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392] "LClock"="lclock.exe" [2004-12-08 c:\windows\LClock.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2009-02-05 266497] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-05 919016] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-06-17 98304] "SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 32881] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Anti-Blaxx Manager"="c:\program files\Anti-Blaxx\Anti-Blaxx.exe" [2005-05-18 208896] "VirtualCloneDrive"="c:\program files\VirtualCloneDrive\VCDDaemon.exe" [2005-04-12 45056] "SSBkgdUpdate"="c:\program 
files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960] "SetDefPrt"="c:\program files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152] "ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-06-17 151597] "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344] "Norton Ghost 9.0"="c:\program files\Symantec\Norton Ghost\Agent\GhostTray.exe" [2009-02-05 1122304] "nwiz"="nwiz.exe" [2007-10-04 c:\windows\system32\nwiz.exe] "RTHDCPL"="RTHDCPL.EXE" [2008-03-06 c:\windows\RTHDCPL.exe] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 c:\windows\system32\bthprops.cpl] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "LSD_III"="c:\windows\LSD\end.cmd" [2007-08-07 2336] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-19 44544] "nltide_3"="advpack.dll" [2006-10-27 c:\windows\system32\advpack.dll] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Contr“leur d'‚tat.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2009-01-02 802816] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMBalloonTip"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.X264"= x264vfw.dll "VIDC.3iv2"= 3ivxVfWCodec.dll "VIDC.VP31"= 
-
Should I post the report here?
-
It is asking me to connect my PC to the Internet?
-
ComboFix detects the sca Sorry, ComboFix detects the Avira AntiVir scanner and warns of the damage this could cause. Ctrl+Alt+Del = no AntiVir among the running processes! Thanks
-
The PC seems to be staying stable, even though I haven't really checked (I didn't want to leave it plugged in overnight). This PC has been disconnected from the network. I can transfer an exe via USB.
-
Hello, my son infected the PC with an .exe. The symptoms: - The PC rebooted - No more firewall or antivirus at startup (Zone Alarm free and Antivir free) - These applications, as well as CCleaner or Multi Virus Cleaner, cannot run: this *.exe is not a valid Win32 application - In safe mode, I crash on a blue screen (every time) - I booted a Kaella Linux but, of course, it cannot run Multi Virus Cleaner! What solution, please? A scanner under Kaella? Thanks in advance