patarchange29

je ne sais pas si avant, send file, je dois ouvrir le fichier je prefere attendre ta reponse

bonjour thanos,non l ordi marche bien y a pas de probleme je disais qu il depotait bien qu il marchait nickel quoi la par contre j ai un soucis je n arrive pas a faire ce que tu me dis je bloque apres avoir copier coller C:\spry.exe dans choisir un fichier en bas, ensuite je ne peux pas cliquer sur send file dans l autre fenetre je dois mal m y prendre je suis bloque

bonsoir thanos bien je pensais que tout etait nickel,depuis hier l ordi depote a bloc, je dois devenir parano 5 analyses antivirus depuis hier soir et pareil avac mbam tout est nickel ils ne detectent rien a part 5 warnings avec antivir je sais pas ce que c est mais la avec les analyses que tu m as demande je crois qu il ya encore pas mal de virus bon enfin j espere qu on en arrivera a bout je vais finir par mettre un code sur mon ordi ,puique la c est a moi la merde quand ca ne marche plus!!! je te poste les rapports que tu m as demande et encore merci pour le temps passé Suomi | ihMdI | | עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English Virustotal est un service qui analyse les fichiers suspects et facilite la détection rapide des virus, vers, chevaux de Troie et toutes sortes de malwares détectés par les moteurs antivirus. Plus d'informations... Fichier svchost.exe reçu le 2009.04.17 00:00:16 (CET) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 0/40 (0%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: 1. L'heure estimée de démarrage est entre 42 et 60 secondes. Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.101 2009.04.16 - AhnLab-V3 5.0.0.2 2009.04.16 - AntiVir 7.9.0.143 2009.04.16 - Antiy-AVL 2.0.3.1 2009.04.16 - Authentium 5.1.2.4 2009.04.16 - Avast 4.8.1335.0 2009.04.16 - AVG 8.5.0.287 2009.04.16 - BitDefender 7.2 2009.04.16 - CAT-QuickHeal 10.00 2009.04.16 - ClamAV 0.94.1 2009.04.16 - Comodo 1116 2009.04.16 - DrWeb 4.44.0.09170 2009.04.16 - eSafe 7.0.17.0 2009.04.13 - eTrust-Vet 31.6.6455 2009.04.14 - F-Prot 4.4.4.56 2009.04.16 - F-Secure 8.0.14470.0 2009.04.16 - Fortinet 3.117.0.0 2009.04.16 - GData 19 2009.04.16 - Ikarus T3.1.1.49.0 2009.04.16 - K7AntiVirus 7.10.704 2009.04.15 - Kaspersky 7.0.0.125 2009.04.16 - McAfee 5586 2009.04.16 - McAfee+Artemis 5586 2009.04.16 - McAfee-GW-Edition 6.7.6 2009.04.16 - Microsoft 1.4502 2009.04.16 - NOD32 4014 2009.04.16 - Norman 6.00.06 2009.04.16 - nProtect 2009.1.8.0 2009.04.16 - Panda 10.0.0.14 2009.04.16 - PCTools 4.4.2.0 2009.04.15 - Prevx1 V2 2009.04.16 - Rising 21.25.34.00 2009.04.16 - Sophos 4.40.0 2009.04.16 - Sunbelt 3.2.1858.2 2009.04.16 - Symantec 1.4.4.12 2009.04.16 - TheHacker 6.3.4.0.309 2009.04.16 - TrendMicro 8.700.0.1004 2009.04.16 - VBA32 3.12.10.2 2009.04.12 - ViRobot 2009.4.16.1696 2009.04.16 - VirusBuster 4.6.5.0 2009.04.16 - Information additionnelle File size: 14336 bytes MD5...: e4bdf223cd75478bf44567b4d5c2634d SHA1..: 3d70560753b0ab43252311fa85e12f36a51a5f55 SHA256: 6234155d6c02c67689744d21380b17db5fe395bc8622c71b046e40ca1767785a SHA512: b806bd12bc6a507aa87ac8ab347044f82c3593bfae3832d0a3e88a545a051776 177aa9214eeac785d64f35ae83e695f90859e655d5020ff195791cefff407c7e ssdeep: 384:nrdi+JmG6yqlCRaJt4RHS5LutGJae7g9VJnpWCNJbW:jcG6xlCRaJKGOA7SH J PEiD..: - TrID..: File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x2509 timedatestamp.....: 0x48025bc0 (Sun Apr 13 19:15:12 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x2c00 0x2c00 6.29 48331595af9d9d52b478844a07357653 .data 0x4000 0x210 0x200 1.62 cbd504e46c836e09e8faabdcfbabaec2 .rsrc 0x5000 0x408 0x600 2.51 dcede0c303bbb48c6875eb64477e5882 ( 4 imports ) > ADVAPI32.dll: RegQueryValueExW, SetSecurityDescriptorDacl, SetEntriesInAclW, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, InitializeSecurityDescriptor, GetTokenInformation, OpenProcessToken, OpenThreadToken, SetServiceStatus, RegisterServiceCtrlHandlerW, RegCloseKey, RegOpenKeyExW, StartServiceCtrlDispatcherW > KERNEL32.dll: HeapFree, GetLastError, WideCharToMultiByte, lstrlenW, LocalFree, GetCurrentProcess, GetCurrentThread, GetProcAddress, LoadLibraryExW, LeaveCriticalSection, HeapAlloc, EnterCriticalSection, LCMapStringW, FreeLibrary, lstrcpyW, ExpandEnvironmentStringsW, lstrcmpiW, ExitProcess, GetCommandLineW, InitializeCriticalSection, GetProcessHeap, SetErrorMode, SetUnhandledExceptionFilter, RegisterWaitForSingleObject, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, LocalAlloc, lstrcmpW, DelayLoadFailureHook > ntdll.dll: NtQuerySecurityObject, RtlFreeHeap, NtOpenKey, wcscat, wcscpy, RtlAllocateHeap, RtlCompareUnicodeString, RtlInitUnicodeString, RtlInitializeSid, RtlLengthRequiredSid, RtlSubAuthoritySid, NtClose, RtlSubAuthorityCountSid, RtlGetDaclSecurityDescriptor, RtlQueryInformationAcl, RtlGetAce, RtlImageNtHeader, wcslen, RtlUnhandledExceptionFilter, RtlCopySid > RPCRT4.dll: RpcServerUnregisterIfEx, RpcMgmtWaitServerListen, RpcMgmtSetServerStackSize, RpcServerUnregisterIf, RpcServerListen, RpcServerUseProtseqEpW, RpcServerRegisterIf, I_RpcMapWin32Status, RpcMgmtStopServerListening ( 0 exports ) RDS...: NSRL Reference Data Set - CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=e4bdf223cd75478bf44567b4d5c2634d' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=e4bdf223cd75478bf44567b4d5c2634d</a> ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares. VirusTotal © Hispasec Sistemas - Blog - Contact: info@virustotal.com - Terms of Service & Privacy Policy Suomi | ihMdI | | עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English Virustotal est un service qui analyse les fichiers suspects et facilite la détection rapide des virus, vers, chevaux de Troie et toutes sortes de malwares détectés par les moteurs antivirus. Plus d'informations... Fichier spry.exe reçu le 2009.04.17 00:02:27 (CET) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 6/40 (15%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: 2. L'heure estimée de démarrage est entre 49 et 70 secondes. Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.101 2009.04.16 - AhnLab-V3 5.0.0.2 2009.04.16 - AntiVir 7.9.0.143 2009.04.16 SPR/Tool.Obfuscator.ER.20 Antiy-AVL 2.0.3.1 2009.04.16 - Authentium 5.1.2.4 2009.04.16 - Avast 4.8.1335.0 2009.04.16 - AVG 8.5.0.287 2009.04.16 - BitDefender 7.2 2009.04.16 - CAT-QuickHeal 10.00 2009.04.16 - ClamAV 0.94.1 2009.04.16 - Comodo 1116 2009.04.16 - DrWeb 4.44.0.09170 2009.04.16 - eSafe 7.0.17.0 2009.04.13 - eTrust-Vet 31.6.6455 2009.04.14 - F-Prot 4.4.4.56 2009.04.16 - F-Secure 8.0.14470.0 2009.04.16 Packed.Win32.Krap.i Fortinet 3.117.0.0 2009.04.16 - GData 19 2009.04.16 - Ikarus T3.1.1.49.0 2009.04.16 - K7AntiVirus 7.10.704 2009.04.15 - Kaspersky 7.0.0.125 2009.04.16 Packed.Win32.Krap.i McAfee 5586 2009.04.16 - McAfee+Artemis 5586 2009.04.16 - McAfee-GW-Edition 6.7.6 2009.04.16 Riskware.Tool.Obfuscator.ER.20 Microsoft 1.4502 2009.04.16 VirTool:Win32/Obfuscator.ER NOD32 4014 2009.04.16 - Norman 6.00.06 2009.04.16 - nProtect 2009.1.8.0 2009.04.16 - Panda 10.0.0.14 2009.04.16 - PCTools 4.4.2.0 2009.04.15 - Prevx1 V2 2009.04.17 High Risk Cloaked Malware Rising 21.25.34.00 2009.04.16 - Sophos 4.40.0 2009.04.16 - Sunbelt 3.2.1858.2 2009.04.16 - Symantec 1.4.4.12 2009.04.16 - TheHacker 6.3.4.0.309 2009.04.16 - TrendMicro 8.700.0.1004 2009.04.16 - VBA32 3.12.10.2 2009.04.12 - ViRobot 2009.4.16.1696 2009.04.16 - VirusBuster 4.6.5.0 2009.04.16 - Information additionnelle File size: 37888 bytes MD5...: c4e6d77e0ba818c9d357001fbd78fef9 SHA1..: 1ccb34aebf6df9b7e2269dd3ac7657cfabf8ee03 SHA256: 617cc4b7f70caab68311a779177601b3997245172c70ca7547c4c255b6676a4e SHA512: c595029c2b88320194e1e8eefe32f145a8498e8e7798db12f0f2103a462313ad 56f2c242574715de40e6326a18c10bf054ea5cb4c85955f724e44c445dee003a ssdeep: 384:a8u76oS7FA9jGVH2K0ZZ3vaaeJdR+QEPtDxqRS9zkfizsenJe:aV7A7gjSWt vaaeJdQnxqOYazsenJ PEiD..: - TrID..: File type identification Win32 Executable Generic (38.4%) Win32 Dynamic Link Library (generic) (34.2%) Clipper DOS Executable (9.1%) Generic Win/DOS Executable (9.0%) DOS Executable Generic (9.0%) PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1d18 timedatestamp.....: 0x445dc893 (Sun May 07 10:14:43 2006) machinetype.......: 0x14c (I386) ( 6 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x20b5 0x1c00 5.76 68c431255e41f438374ad28a5f3e164a .data 0x4000 0x1285 0x800 4.62 3dffbea70b2c84283a9c64f4ed332488 .idata 0x6000 0x3206 0x1800 6.22 292758e5ecdc915e0d6c469a3a57cf7b .bss 0xa000 0xc3a8 0x2800 7.43 e68dcde44bb1fccba3aca111cd767f37 .tls 0x17000 0x1c00 0x1c00 0.00 21eb7229dde310fab9cd2dbec6208123 .rsrc 0x19000 0x1037 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110 ( 5 imports ) > msvcrt.dll: _amsg_exit, _wsopen, __winitenv, _wfindfirst, fopen, wcstod, _lfind, _mbsncpy, iswalnum, _wspawnvpe, atol, gets, _ismbchira, iswctype > USER32.DLL: RegisterTasklist, RegisterLogonProcess, IsWindow, GetDC, CreateDialogIndirectParamA, IsMenu, SetSysColors, InsertMenuItemA, AlignRects, CharToOemA, OpenWindowStationW, IsChild, GetWindowTextW, GetListBoxInfo, DefFrameProcW, GetDCEx > ADVAPI32.DLL: SetFileSecurityW, SetPrivateObjectSecurity > GDI32.DLL: SetSystemPaletteUse, CancelDC, CreateFontIndirectW, FrameRgn, GetROP2, CreateFontA, GdiGetBatchLimit, GetPixel, CopyMetaFileW, GdiPlayJournal, GetMiterLimit, SetLayout, SetROP2, SelectPalette > KERNEL32.DLL: SetFileTime, ExitProcess, GetCurrentProcess, FlushViewOfFile, FindResourceW, GetStartupInfoW, VirtualFree, SetLastError, FindAtomW, VirtualAlloc, FatalExit, SetErrorMode, SystemTimeToTzSpecificLocalTime, FindFirstFileA, CommConfigDialogW, GetCommandLineW, Sleep, EnumSystemLocalesW, GetCurrentDirectoryA, GetCurrentProcessId, GetModuleHandleW, EnumSystemCodePagesW, GlobalWire, GetVersion, DosDateTimeToFileTime, GetLastError, DisconnectNamedPipe, GetFileSize ( 0 exports ) RDS...: NSRL Reference Data Set - Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=72D2AD0D00F34EF394DE00411C4D5500D64A42FF' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=72D2AD0D00F34EF394DE00411C4D5500D64A42FF</a> ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares. VirusTotal © Hispasec Sistemas - Blog - Contact: info@virustotal.com - Terms of Service & Privacy Policy Suomi | ihMdI | | עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English Virustotal est un service qui analyse les fichiers suspects et facilite la détection rapide des virus, vers, chevaux de Troie et toutes sortes de malwares détectés par les moteurs antivirus. Plus d'informations... Fichier DUMP449a.tmp reçu le 2009.04.17 00:17:47 (CET) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 3/40 (7.5%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: 2. L'heure estimée de démarrage est entre 49 et 70 secondes. Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.101 2009.04.16 - AhnLab-V3 5.0.0.2 2009.04.16 - AntiVir 7.9.0.143 2009.04.16 TR/Agent.8704.76 Antiy-AVL 2.0.3.1 2009.04.16 - Authentium 5.1.2.4 2009.04.16 - Avast 4.8.1335.0 2009.04.16 Win32:DNSChanger-VJ AVG 8.5.0.287 2009.04.16 - BitDefender 7.2 2009.04.16 - CAT-QuickHeal 10.00 2009.04.16 - ClamAV 0.94.1 2009.04.16 - Comodo 1116 2009.04.16 - DrWeb 4.44.0.09170 2009.04.17 - eSafe 7.0.17.0 2009.04.13 - eTrust-Vet 31.6.6455 2009.04.14 - F-Prot 4.4.4.56 2009.04.16 - F-Secure 8.0.14470.0 2009.04.16 - Fortinet 3.117.0.0 2009.04.16 - GData 19 2009.04.16 Win32:DNSChanger-VJ Ikarus T3.1.1.49.0 2009.04.16 - K7AntiVirus 7.10.704 2009.04.15 - Kaspersky 7.0.0.125 2009.04.16 - McAfee 5586 2009.04.16 - McAfee+Artemis 5586 2009.04.16 - McAfee-GW-Edition 6.7.6 2009.04.16 - Microsoft 1.4502 2009.04.16 - NOD32 4014 2009.04.16 - Norman 6.00.06 2009.04.16 - nProtect 2009.1.8.0 2009.04.16 - Panda 10.0.0.14 2009.04.16 - PCTools 4.4.2.0 2009.04.15 - Prevx1 V2 2009.04.17 - Rising 21.25.34.00 2009.04.16 - Sophos 4.40.0 2009.04.16 - Sunbelt 3.2.1858.2 2009.04.16 - Symantec 1.4.4.12 2009.04.16 - TheHacker 6.3.4.0.309 2009.04.16 - TrendMicro 8.700.0.1004 2009.04.16 - VBA32 3.12.10.2 2009.04.12 - ViRobot 2009.4.16.1696 2009.04.16 - VirusBuster 4.6.5.0 2009.04.16 - Information additionnelle File size: 98304 bytes MD5...: d3c13c22eb58b44dd32b3be0b4debdae SHA1..: 63db8c4e8575ab6be2e6c811f4dc4930aa96657a SHA256: 020a30f06b10b727bc2687f67d359e2bed677d7262303bfe8ad4f75a6aecdb13 SHA512: dc539a75d5d841bef16c8bcdfdb1f0a853c9ec7c10e553d75ac37e110db80a3b a61bfc5c7f552599eb9f5e8031bd739063fc97f8b1051d2e3898f0f2bc6fef9c ssdeep: 768:0TUkVdNunII8u3T7iuB5CrFHNDugT//72wzyVimVLF:0Yk3Nvyd5Cr1NDugT H7ByVBx PEiD..: - TrID..: File type identification Windows memory dump (100.0%) PEInfo: - RDS...: NSRL Reference Data Set - ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares. VirusTotal © Hispasec Sistemas - Blog - Contact: info@virustotal.com - Terms of Service & Privacy Policy et le rapport de antivir juste apres avoir execute combo fix hier il m a vire 20 virus jamais autant,hoo vache a lait Avira AntiVir Personal Report file date: mercredi 15 avril 2009 16:37 Scanning for 1351911 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 3) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: ARCHANGE-277B22 Version information: BUILD.DAT : 8.2.0.347 16934 Bytes 16/03/2009 14:45:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 27/03/2009 18:20:49 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 18:20:57 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 18:20:58 ANTIVIR2.VDF : 7.1.3.0 1330176 Bytes 01/04/2009 17:20:05 ANTIVIR3.VDF : 7.1.3.50 235008 Bytes 14/04/2009 17:18:30 Engineversion : 8.2.0.143 AEVDF.DLL : 8.1.1.0 106868 Bytes 27/03/2009 18:21:00 AESCRIPT.DLL : 8.1.1.75 373113 Bytes 14/04/2009 17:18:38 AESCN.DLL : 8.1.1.10 127348 Bytes 03/04/2009 17:18:34 AERDL.DLL : 8.1.1.3 438645 Bytes 27/03/2009 18:21:00 AEPACK.DLL : 8.1.3.12 397687 Bytes 03/04/2009 17:18:32 AEOFFICE.DLL : 8.1.0.36 196987 Bytes 27/03/2009 18:21:00 AEHEUR.DLL : 8.1.0.116 1708407 Bytes 14/04/2009 17:18:37 AEHELP.DLL : 8.1.2.2 119158 Bytes 27/03/2009 18:20:59 AEGEN.DLL : 8.1.1.34 340340 Bytes 14/04/2009 17:18:32 AEEMU.DLL : 8.1.0.9 393588 Bytes 27/03/2009 18:20:59 AECORE.DLL : 8.1.6.9 176500 Bytes 14/04/2009 17:18:31 AEBB.DLL : 8.1.0.3 53618 Bytes 27/03/2009 18:20:59 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01 AVREP.DLL : 8.0.0.2 98344 Bytes 27/03/2009 18:20:59 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: mercredi 15 avril 2009 16:37 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'Watch.exe' - '1' Module(s) have been scanned Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned Scan process 'PollingModule.exe' - '1' Module(s) have been scanned Scan process 'Inactivity.exe' - '1' Module(s) have been scanned Scan process 'Toaster.exe' - '1' Module(s) have been scanned Scan process 'ComComp.exe' - '1' Module(s) have been scanned Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'unsecapp.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'sp_rsser.exe' - '1' Module(s) have been scanned Scan process 'SeaPort.exe' - '1' Module(s) have been scanned Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned Scan process 'fsssvc.exe' - '1' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'a2service.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned Scan process 'reader_sl.exe' - '1' Module(s) have been scanned Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'AAWTray.exe' - '1' Module(s) have been scanned Scan process 'fsui.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'soundman.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'AAWService.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 53 processes with 53 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '55' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\tidpldun.exe [DETECTION] Is the TR/Ertfor.A.12 Trojan [NOTE] The file was moved to '4a49f18f.qua'! C:\Documents and Settings\pat\.housecall6.6\Quarantine\jlyqrhnk.exe.bac_a03468 [0] Archive type: HIDDEN --> FIL\\\?\C:\Documents and Settings\pat\.housecall6.6\Quarantine\jlyqrhnk.exe.bac_a03468 [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan [NOTE] The file was moved to '4a5ef1b9.qua'! C:\Documents and Settings\pat\.housecall6.6\Quarantine\msavsc.dll.bac_a03468 [0] Archive type: HIDDEN --> FIL\\\?\C:\Documents and Settings\pat\.housecall6.6\Quarantine\msavsc.dll.bac_a03468 [DETECTION] Is the TR/FakeMSA.A.1 Trojan [NOTE] The file was moved to '4a46f1c3.qua'! C:\Documents and Settings\pat\.housecall6.6\Quarantine\msctrl.dll.bac_a03468 [0] Archive type: HIDDEN --> FIL\\\?\C:\Documents and Settings\pat\.housecall6.6\Quarantine\msctrl.dll.bac_a03468 [DETECTION] Is the TR/FakeMSA.A.1 Trojan [NOTE] The file was moved to '4a48f1c5.qua'! C:\Documents and Settings\pat\.housecall6.6\Quarantine\msfw.dll.bac_a03468 [0] Archive type: HIDDEN --> FIL\\\?\C:\Documents and Settings\pat\.housecall6.6\Quarantine\msfw.dll.bac_a03468 [DETECTION] Is the TR/FakeMSA.A.1 Trojan [NOTE] The file was moved to '4a4bf1c8.qua'! C:\Documents and Settings\pat\.housecall6.6\Quarantine\msiemon.dll.bac_a03468 [0] Archive type: HIDDEN --> FIL\\\?\C:\Documents and Settings\pat\.housecall6.6\Quarantine\msiemon.dll.bac_a03468 [DETECTION] Is the TR/FakeMSA.A.1 Trojan [NOTE] The file was moved to '4a4ef1ca.qua'! C:\Documents and Settings\pat\.housecall6.6\Quarantine\mssadv.dll.bac_a03468 [0] Archive type: HIDDEN --> FIL\\\?\C:\Documents and Settings\pat\.housecall6.6\Quarantine\mssadv.dll.bac_a03468 [DETECTION] Is the TR/Crypt.FKM.Gen Trojan [NOTE] The file was moved to '4a58f1cc.qua'! C:\Documents and Settings\pat\.housecall6.6\Quarantine\msscan.dll.bac_a03468 [0] Archive type: HIDDEN --> FIL\\\?\C:\Documents and Settings\pat\.housecall6.6\Quarantine\msscan.dll.bac_a03468 [DETECTION] Is the TR/FakeMSA.A.1 Trojan [NOTE] The file was moved to '4a58f1cd.qua'! C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1036-7B44-A81200000003}\Data1.cab [0] Archive type: CAB (Microsoft) --> JSByteCodeWin.bin [WARNING] The file could not be written! C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\vlc-0.9.6-win32.exe.vir [0] Archive type: NSIS --> ProgramFilesDir/libfontconfig-1.dll [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Qoobox\Quarantine\C\WINDOWS\system32\gaopdxohqvjjamollvqaojimdiuljmshjhnxrt.dll.vir [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan [NOTE] The file was moved to '4a54f554.qua'! C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsthroejvplgrkhbairgxamddjkfigapsbww.dll.vir [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan [NOTE] The file was moved to '4a4bf56d.qua'! C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsthsxcsabqrlyvfkmogeydharsxtqpjajpq.dll.vir [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan [NOTE] The file was moved to '4a4bf570.qua'! C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\ovfsthcshswponrrxuvjjmknavqpeoctyfxyfc.sys.vir [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] The file was moved to '4a4bf573.qua'! C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_gaopdximkfbdihsmgsliipwosqcvyjqertyrph_.sys.zip [0] Archive type: ZIP --> gaopdximkfbdihsmgsliipwosqcvyjqertyrph.sys [DETECTION] Is the TR/TDss.xyl Trojan [NOTE] The file was moved to '4a46f568.qua'! C:\System Volume Information\_restore{677BC592-B41D-4180-AFEF-DEDDFC8A08E8}\RP213\A0032145.exe:ext.exe [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan [NOTE] The file was moved to '4a15f535.qua'! C:\System Volume Information\_restore{677BC592-B41D-4180-AFEF-DEDDFC8A08E8}\RP213\A0032156.exe [0] Archive type: NSIS --> ProgramFilesDir/libfontconfig-1.dll [WARNING] No further files can be extracted from this archive. The archive will be closed C:\System Volume Information\_restore{677BC592-B41D-4180-AFEF-DEDDFC8A08E8}\RP213\A0032157.sys [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] The file was moved to '4a15f538.qua'! C:\System Volume Information\_restore{677BC592-B41D-4180-AFEF-DEDDFC8A08E8}\RP213\A0032158.dll [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan [NOTE] The file was moved to '4a15f53b.qua'! C:\System Volume Information\_restore{677BC592-B41D-4180-AFEF-DEDDFC8A08E8}\RP213\A0032160.dll [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan [NOTE] The file was moved to '4a15f53d.qua'! C:\System Volume Information\_restore{677BC592-B41D-4180-AFEF-DEDDFC8A08E8}\RP213\A0032161.dll [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan [NOTE] The file was moved to '4a15f540.qua'! C:\System Volume Information\_restore{677BC592-B41D-4180-AFEF-DEDDFC8A08E8}\RP213\A0032233.exe [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was moved to '4a15f546.qua'! C:\WINDOWS\system32\hsf73ikmdf3f.dll [DETECTION] Is the TR/Ertfor.A.13 Trojan [NOTE] The file was moved to '4a4bf7d4.qua'! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! End of the scan: mercredi 15 avril 2009 17:06 Used time: 29:43 Minute(s) The scan has been done completely. 6789 Scanning directories 135940 Files were scanned 20 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 20 files were moved to quarantine 0 files were renamed 3 Files cannot be scanned 135917 Files not concerned 1020 Archives were scanned 6 Warnings 20 Notes bon allez bonne nuit THANOS en attente de ta reponse demain;merci du coup de main

bonjour thanos j ai relu ton post et j ai fini par trouver le rapport de combo fix .l ordi marche nickel depuis hier mais je prefere avoir ton avis.MERCI ENCORE ComboFix 09-04-15.08 - pat 15/04/2009 16:17.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.510.177 [GMT 2:00] Lancé depuis: c:\documents and settings\pat\Bureau\ComboFix.exe AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) . ADS - svchost.exe: deleted 32768 bytes in 1 streams. (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\vlc-0.9.6-win32.exe c:\windows\patch.exe c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\drivers\msqpdxrsjnrsoa.sys c:\windows\system32\drivers\ovfsthcshswponrrxuvjjmknavqpeoctyfxyfc.sys c:\windows\system32\dumphive.exe c:\windows\system32\gaopdxcounter c:\windows\system32\gaopdxohqvjjamollvqaojimdiuljmshjhnxrt.dll c:\windows\system32\msqpdxihwmvfvt.dll c:\windows\system32\o4Patch.exe c:\windows\system32\ovfsthqhotefrixstfvxqmfinrmgilssvauuyg.dll c:\windows\system32\ovfsthroejvplgrkhbairgxamddjkfigapsbww.dll c:\windows\system32\ovfsthrovhssnmmdjdhmjlyoynfjgtmirprivk.dat c:\windows\system32\ovfsthsxcsabqrlyvfkmogeydharsxtqpjajpq.dll c:\windows\system32\ovfsthtorphcqmafxhwoyctufctigckaumxily.dat c:\windows\system32\ovfsthxxqfkpovptyvkbisiroqrxbsunynaeom.dll c:\windows\system32\Process.exe c:\windows\system32\SrchSTS.exe c:\windows\system32\tmp.reg c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_gaopdxserv.sys -------\Service_MSQPDXSERV.SYS -------\Legacy_FCI ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-15 au 2009-04-15 )))))))))))))))))))))))))))))))))))) . 2009-04-15 13:23 . 2009-04-15 13:23 -------- d--h--w c:\windows\PIF 2009-04-15 11:54 . 2008-06-19 14:24 28544 ----a-w c:\windows\system32\drivers\pavboot.sys 2009-04-15 00:47 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe 2009-04-15 00:47 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll 2009-04-15 00:47 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe 2009-04-15 00:47 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll 2009-04-15 00:47 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll 2009-04-15 00:47 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll 2009-04-15 00:47 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll 2009-04-15 00:47 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe 2009-04-14 15:48 . 2009-04-14 15:48 -------- d-----w C:\VundoFix Backups 2009-04-14 15:01 . 2009-03-25 21:48 102664 ----a-w c:\windows\system32\drivers\tmcomm.sys 2009-04-14 13:30 . 2009-04-14 13:30 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google 2009-04-14 13:16 . 2009-04-14 13:16 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google 2009-04-14 13:15 . 2006-10-05 02:42 2560 ------w c:\windows\system32\drivers\cdralw2k.sys 2009-04-14 13:15 . 2006-10-05 02:42 2432 ------w c:\windows\system32\drivers\cdr4_xp.sys 2009-04-14 13:13 . 2009-04-14 15:34 -------- d-----w c:\documents and settings\pat\Local Settings\Application Data\Google 2009-04-14 13:12 . 2009-04-14 14:26 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater 2009-04-14 12:30 . 2009-04-14 15:31 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-04-13 13:58 . 2009-04-13 13:58 15000 ----a-w c:\windows\system32\hsf73ikmdf3f.dll 2009-04-13 13:58 . 2009-04-13 13:58 24576 ----a-w C:\tidpldun.exe 2009-04-13 13:57 . 2009-04-13 13:57 22016 ----a-w C:\0xf9.exe 2009-04-13 09:10 . 2009-04-13 09:10 37888 ----a-w C:\spry.exe 2009-03-28 15:13 . 2005-08-25 18:18 118784 ----a-w c:\windows\system32\MSSTDFMT.DLL 2009-03-28 15:13 . 2005-04-15 19:58 1071088 ----a-w c:\windows\system32\MSCOMCTL.OCX 2009-03-28 15:13 . 2009-03-28 15:13 120 ----a-w c:\windows\system32\BIN_STRSBW.SPT 2009-03-27 18:02 . 2009-03-27 18:02 -------- d-----w c:\windows\report 2009-03-27 18:02 . 2009-03-27 18:49 823 ----a-w c:\windows\tsc.ini 2009-03-27 18:02 . 2009-03-27 18:02 91744 ----a-w c:\windows\BPMNT.dll 2009-03-27 18:02 . 2009-03-27 18:02 71749 ----a-w c:\windows\hcextoutput.dll 2009-03-27 18:02 . 2009-03-27 18:02 348741 ----a-w c:\windows\tsc.exe 2009-03-27 18:02 . 2009-03-27 18:02 1990467 ----a-w c:\windows\tsc.ptn 2009-03-27 18:02 . 2009-03-27 18:02 1213784 ----a-w c:\windows\vsapi32.dll 2009-03-27 18:02 . 2009-03-27 18:02 -------- d-----w c:\windows\AU_Backup 2009-03-27 18:02 . 2009-03-27 18:02 22626953 ----a-w c:\windows\VPTNFILE.925 2009-03-27 18:02 . 2009-03-27 18:02 22626953 ----a-w c:\windows\LPT$VPN.925 2009-03-27 18:01 . 2009-03-27 18:01 170 ----a-w c:\windows\GetServer.ini 2009-03-27 18:01 . 2009-03-27 18:02 -------- d-----w c:\windows\AU_Temp 2009-03-27 18:01 . 2009-03-27 18:01 -------- d-----w c:\windows\AU_Log 2009-03-27 18:01 . 2009-03-27 18:01 69689 ----a-w c:\windows\UNZIP.DLL 2009-03-27 18:01 . 2009-03-27 18:01 507904 ----a-w c:\windows\TMUPDATE.DLL 2009-03-27 16:58 . 2009-03-27 16:58 -------- d-----w c:\documents and settings\pat\Application Data\Ahead 2009-03-27 16:57 . 2009-03-26 15:49 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-03-27 16:57 . 2009-03-26 15:49 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-03-27 00:59 . 2009-01-09 19:19 1089883 -c----w c:\windows\system32\dllcache\ntprint.cat 2009-03-26 13:57 . 2006-06-29 12:07 14048 ------w c:\windows\system32\spmsg2.dll 2009-03-26 13:46 . 2009-03-26 13:46 -------- d-----w c:\windows\system32\XPSViewer 2009-03-26 13:44 . 2008-07-06 12:06 89088 -c----w c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-03-26 13:44 . 2008-07-06 12:06 575488 -c----w c:\windows\system32\dllcache\xpsshhdr.dll 2009-03-26 13:44 . 2008-07-06 12:06 575488 ------w c:\windows\system32\xpsshhdr.dll 2009-03-26 13:44 . 2008-07-06 12:06 117760 ------w c:\windows\system32\prntvpt.dll 2009-03-26 13:44 . 2008-07-06 10:50 597504 -c----w c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-03-26 13:44 . 2009-03-26 13:59 -------- d-----w C:\26ebef344a4584be13f9cd797300e9 2009-03-26 13:44 . 2008-07-06 12:06 1676288 -c----w c:\windows\system32\dllcache\xpssvcs.dll 2009-03-26 13:44 . 2008-07-06 12:06 1676288 ------w c:\windows\system32\xpssvcs.dll 2009-03-25 21:48 . 2009-04-14 15:01 -------- d-----w c:\documents and settings\pat\.housecall6.6 2009-03-25 18:06 . 2009-03-25 17:47 15688 ----a-w c:\windows\system32\lsdelete.exe 2009-03-25 17:47 . 2009-03-25 17:47 64160 ----a-w c:\windows\system32\drivers\Lbd.sys 2009-03-25 17:43 . 2009-03-25 17:43 142592 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys 2009-03-25 17:43 . 2009-04-14 14:12 -------- d-----w c:\documents and settings\All Users\Application Data\Spyware Terminator 2009-03-25 17:40 . 2009-03-25 17:40 -------- dc-h--w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-03-20 18:27 . 2009-03-20 18:27 -------- d-----w c:\windows\system32\Kaspersky Lab . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-15 14:22 . 2008-10-02 10:56 -------- d-----w c:\program files\Wanadoo 2009-04-15 14:22 . 2009-03-25 22:41 16242 ----a-w C:\aaw7boot.log 2009-04-15 13:23 . 2009-04-15 13:23 -------- d-----w c:\program files\AIDA32 - Enterprise System Information 2009-04-15 11:54 . 2008-10-25 13:38 -------- d-----w c:\program files\Panda Security 2009-04-15 11:49 . 2008-10-02 09:32 -------- d-----w c:\program files\ma-config.com 2009-04-15 11:49 . 2008-10-02 09:32 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com 2009-04-15 11:07 . 2009-04-15 11:07 -------- d-----w c:\program files\Trend Micro 2009-04-15 06:52 . 2008-10-02 12:27 -------- d-----w c:\program files\eMule 2009-04-15 06:52 . 2004-08-05 12:00 80856 ----a-w c:\windows\system32\perfc00C.dat 2009-04-15 06:52 . 2004-08-05 12:00 500814 ----a-w c:\windows\system32\perfh00C.dat 2009-04-14 17:01 . 2008-10-14 16:38 -------- d-----w c:\documents and settings\pat\Application Data\Spyware Terminator 2009-04-14 17:00 . 2008-10-14 16:38 -------- d-----w c:\program files\Spyware Terminator 2009-04-14 16:41 . 2009-04-14 13:15 -------- d-----w c:\program files\Norton Security Scan 2009-04-14 16:14 . 2009-04-14 15:48 135 ----a-w C:\VundoFix.txt 2009-04-14 15:35 . 2009-04-14 13:12 -------- d-----w c:\program files\Google 2009-04-14 14:20 . 2008-09-29 16:29 -------- d-----w c:\program files\Fichiers communs\Adobe 2009-04-14 14:05 . 2009-04-14 13:15 -------- d-----w c:\program files\Fichiers communs\Symantec Shared 2009-04-14 13:15 . 2009-04-14 13:14 -------- d-----w c:\program files\Picasa2 2009-04-13 13:59 . 2008-09-29 17:48 98304 ----a-w c:\windows\DUMP449a.tmp 2009-04-13 13:58 . 2004-08-05 12:00 14336 ----a-w c:\windows\system32\svchost.exe 2009-04-13 09:12 . 2004-08-05 12:00 14336 ----a-w c:\windows\system32\wscntfy.exe 2009-04-09 12:18 . 2009-04-09 11:18 -------- d-----w c:\program files\i2p 2009-03-28 15:47 . 2008-10-14 16:39 -------- d-----w c:\program files\Crawler 2009-03-28 14:40 . 2009-02-08 09:43 -------- d-----w c:\documents and settings\pat\Application Data\ESTsoft 2009-03-28 14:40 . 2009-02-08 09:43 -------- d-----w c:\documents and settings\All Users\Application Data\ESTsoft 2009-03-28 13:33 . 2009-03-28 13:27 2857 ----a-w C:\rapport.txt 2009-03-27 18:49 . 2009-03-27 18:01 12868337 ----a-w C:\xscan.txt 2009-03-27 18:15 . 2008-10-25 15:37 -------- d-----w c:\program files\Avira 2009-03-27 18:15 . 2008-10-25 15:37 -------- d-----w c:\documents and settings\All Users\Application Data\Avira 2009-03-27 17:47 . 2008-10-03 10:05 -------- d-----w c:\program files\Spybot - Search & Destroy 2009-03-27 17:47 . 2008-10-03 10:05 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-03-27 16:57 . 2009-03-27 16:57 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-03-26 14:02 . 2008-09-29 16:20 13688 ----a-w c:\documents and settings\pat\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-26 13:45 . 2009-03-26 13:45 -------- d-----w c:\program files\MSBuild 2009-03-26 13:45 . 2009-03-26 13:45 -------- d-----w c:\program files\Reference Assemblies 2009-03-25 17:39 . 2008-10-20 07:33 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard 2009-03-25 16:18 . 2008-10-17 12:15 -------- d-----w c:\program files\a-squared Free 2009-03-14 16:29 . 2009-03-14 15:28 -------- d-----w c:\program files\ANtsP2P 2009-03-14 15:28 . 2009-03-14 15:28 -------- d--h--w c:\program files\Zero G Registry 2009-03-14 15:18 . 2008-10-05 14:32 -------- d-----w c:\documents and settings\pat\Application Data\Azureus 2009-03-06 14:20 . 2004-08-05 12:00 286720 ----a-w c:\windows\system32\pdh.dll 2009-03-03 00:13 . 2004-08-05 12:00 826368 ----a-w c:\windows\system32\wininet.dll 2009-02-28 17:51 . 2009-01-09 18:36 -------- d-----w c:\program files\Microsoft Silverlight 2009-02-26 15:34 . 2008-10-02 14:18 -------- d-----w c:\documents and settings\pat\Application Data\vlc 2009-02-24 13:15 . 2009-02-24 13:11 -------- d-----w c:\program files\Vuze 2009-02-21 18:56 . 2008-10-03 14:53 -------- d-----w c:\program files\Windows Live 2009-02-20 20:29 . 2009-02-20 20:29 -------- d-----w c:\documents and settings\pat\Application Data\Flood Light Games 2009-02-20 20:29 . 2009-02-20 20:29 -------- d-----w c:\documents and settings\All Users\Application Data\Flood Light Games 2009-02-20 20:28 . 2009-02-20 20:28 -------- d-----w c:\program files\GamesBar 2009-02-20 20:28 . 2009-02-20 20:28 -------- d-----w c:\program files\orange 2009-02-20 20:28 . 2009-02-20 20:28 -------- d-----w c:\program files\Oberon Media 2009-02-20 20:28 . 2009-02-20 20:28 -------- d-----w c:\program files\Fichiers communs\Oberon Media 2009-02-20 17:10 . 2004-08-05 12:00 78336 ----a-w c:\windows\system32\ieencode.dll 2009-02-10 17:06 . 2004-08-04 00:48 2068096 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-02-09 14:05 . 2004-08-05 12:00 1846912 ----a-w c:\windows\system32\win32k.sys 2009-02-09 11:24 . 2004-08-05 12:00 2191104 ----a-w c:\windows\system32\ntoskrnl.exe 2009-02-09 11:23 . 2004-08-05 12:00 111104 ----a-w c:\windows\system32\services.exe 2009-02-09 10:53 . 2004-08-05 12:00 735744 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 10:53 . 2004-08-05 12:00 739840 ----a-w c:\windows\system32\ntdll.dll 2009-02-09 10:53 . 2004-08-05 12:00 685568 ----a-w c:\windows\system32\advapi32.dll 2009-02-09 10:53 . 2004-08-05 12:00 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-07 14:35 . 2009-02-07 14:35 107888 ----a-w c:\windows\system32\CmdLineExt.dll 2009-02-06 18:39 . 2009-02-06 18:39 308600 ----a-w c:\windows\WLXPGSS.SCR 2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll 2009-02-06 10:39 . 2004-08-05 12:00 35328 ----a-w c:\windows\system32\sc.exe 2009-02-03 19:58 . 2004-08-05 12:00 56832 ----a-w c:\windows\system32\secur32.dll 2008-10-12 12:32 . 2008-10-12 12:24 246 ----a-w c:\documents and settings\pat\YtdSettings.bin 2008-10-12 12:24 . 2008-10-12 12:23 393 ----a-w c:\documents and settings\pat\Settings.bin . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-14 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000] "SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-03-25 2176000] "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-25 515416] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-04-14 30192] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-08-23 20480] "WOOTASKBARICON"="c:\progra~1\Wanadoo\GestMaj.exe" [2004-10-14 32768] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2005-09-22 90112] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil9f.exe" [2008-03-25 218496] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3acm"= l3codecp.acm [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor] 2008-04-30 16:30 498176 ----a-w c:\program files\MSI\Live Update 3\LMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 02:34 1695232 ------w c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 10:50 155648 ----a-r c:\windows\system32\NeroCheck.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\eMule\\emule.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"= "c:\\WINDOWS\\system32\\java.exe"= R3 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-04-14 30192] R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232] R3 QCEmerald;QuickCam Web Logitech;c:\windows\system32\DRIVERS\OVCE.sys [2001-08-17 31872] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-03-25 64160] S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-06-19 28544] S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-03-25 142592] S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136] S2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-25 951632] S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{25eec64b-9147-11dd-94ae-0013d3a856ef}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com h: \Shell\Open\command - d:\resycled\boot.com h: [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6d39569-d1c1-11dd-94d0-0013d3a856ef}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com h: \Shell\Open\command - h:\resycled\boot.com h: . Contenu du dossier 'Tâches planifiées' 2009-04-13 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 17:47] 2009-04-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-04-15 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-14 13:12] 2009-04-14 c:\windows\Tasks\Norton Security Scan for pat.job - c:\program files\Norton Security Scan\Nss.exe [2008-09-19 18:20] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.orange.fr uInternet Connection Wizard,ShellNext = iexplore IE: { - c:\program files\Messenger\msmsgs.exe DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-15 16:22 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(732) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3468) c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\progra~1\Wanadoo\TaskBarIcon.exe c:\program files\a-squared Free\a2service.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\FTRTSVC.exe c:\program files\Spyware Terminator\sp_rsser.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Heure de fin: 2009-04-15 16:26 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-15 14:26 Avant-CF: 133 871 976 448 octets libres Après-CF: 134 039 236 608 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect 293 --- E O F --- 2009-04-15 01:01

merci thanos de m aider alors pour combo fix je sais j aurais peut etre pas du l utiliser seul sans l avis d un connaisseur le resultat a ete qu il m a efface une dizaine de fichiers mes filles m ont engueule y a plus de msn et tout leur bataclan mais bon le systeme a l air plus stable pas de rapport j ai vire combo fix apres sinon voila ce que tu m as demande encore merci de t occupe de moi je rame un peu avec internet info.txt logfile of random's system information tool 1.06 2009-04-15 22:39:10 ======Uninstall list====== -->MsiExec /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} AGEIA PhysX v7.07.09-->MsiExec.exe /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6} Ahead ImageDrive-->C:\WINDOWS\UNIDRV.exe /UNINSTALL AIDA32 v3.93-->"C:\Program Files\AIDA32 - Enterprise System Information\unins000.exe" Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe" ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7} ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE AVIVO-->MsiExec.exe /X{5399ACAF-7B15-43D5-9233-4E797B184FD2} Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" eMule-->"C:\Program Files\eMule\Uninstall.exe" Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall HijackThis 2.0.2-->"C:\Documents and Settings\pat\Local Settings\Temporary Internet Files\Content.IE5\J5K4VGY5\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634} Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly Ma-Config.com-->MsiExec.exe /X{560BD6E0-0BA6-43AF-B423-E1DF4D2EB3C3} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe MSI Live Update 3-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MSI\Live Update 3\Uninst.isu" MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl Nero Media Player-->C:\WINDOWS\UNNMP.exe /UNINSTALL Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NeroVision Express 2 SE-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\NSSSetup\{795AF20A-51C5-4BAF-9EF5-AA38105C6141}_2_0_0\NSSSetup.exe" /X Norton Security Scan-->MsiExec.exe /X{795AF20A-51C5-4BAF-9EF5-AA38105C6141} OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe" VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 0.9.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe Vuze-->C:\Program Files\Vuze\uninstall.exe Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe ======Security center information====== AV: Avira AntiVir PersonalEdition ======System event log====== Computer Name: ARCHANGE-277B22 Event Code: 7036 Message: Le service Configuration automatique sans fil est entré dans l'état : arrêté. Record Number: 9938 Source Name: Service Control Manager Time Written: 20090330144123.000000+120 Event Type: Informations User: Computer Name: ARCHANGE-277B22 Event Code: 7035 Message: Un contrôle Arrêter a correctement été envoyé au service Configuration automatique sans fil. Record Number: 9937 Source Name: Service Control Manager Time Written: 20090330144121.000000+120 Event Type: Informations User: ARCHANGE-277B22\pat Computer Name: ARCHANGE-277B22 Event Code: 7036 Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution. Record Number: 9936 Source Name: Service Control Manager Time Written: 20090330144107.000000+120 Event Type: Informations User: Computer Name: ARCHANGE-277B22 Event Code: 7036 Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté. Record Number: 9935 Source Name: Service Control Manager Time Written: 20090330144107.000000+120 Event Type: Informations User: Computer Name: ARCHANGE-277B22 Event Code: 7036 Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution. Record Number: 9934 Source Name: Service Control Manager Time Written: 20090330144107.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: ARCHANGE-277B22 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 5 Source Name: SecurityCenter Time Written: 20090413113504.000000+120 Event Type: Informations User: Computer Name: ARCHANGE-277B22 Event Code: 1 Message: Record Number: 4 Source Name: Bonjour Service Time Written: 20090413113503.000000+120 Event Type: Informations User: Computer Name: ARCHANGE-277B22 Event Code: 0 Message: Record Number: 3 Source Name: SeaPort Time Written: 20090413113503.000000+120 Event Type: Informations User: Computer Name: ARCHANGE-277B22 Event Code: 0 Message: Service started Record Number: 2 Source Name: fsssvc Time Written: 20090413113500.000000+120 Event Type: Informations User: Computer Name: ARCHANGE-277B22 Event Code: 105 Message: The service was started. Record Number: 1 Source Name: ATI Smart Time Written: 20090413113457.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\ESTsoft\ALZip "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 0, AuthenticAMD "PROCESSOR_REVISION"=2f00 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by pat at 2009-04-15 22:38:50 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 128 GB (81%) free of 157 GB Total RAM: 510 MB (39% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:39:06, on 15/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Wanadoo\Watch.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\pat\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\pat.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'Default user') O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwared...ion_3_1_2_0.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 9899 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\Norton Security Scan for pat.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-14 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-15 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-15 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-09-22 90112] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-15 148888] "fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000] "SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-03-25 2176000] "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-25 515416] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-04-14 30192] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480] "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-14 39408] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe [2008-04-30 498176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2007-06-27 118784] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java Platform SE binary" "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java Platform SE binary" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{25eec64b-9147-11dd-94ae-0013d3a856ef}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com h: shell\Open\command - D:\resycled\boot.com h: [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6d39569-d1c1-11dd-94d0-0013d3a856ef}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com h: shell\Open\command - H:\resycled\boot.com h: ======List of files/folders created in the last 1 months====== 2009-04-15 22:38:50 ----D---- C:\rsit 2009-04-15 17:38:00 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-04-15 17:37:59 ----A---- C:\WINDOWS\system32\javaws.exe 2009-04-15 17:37:59 ----A---- C:\WINDOWS\system32\javaw.exe 2009-04-15 17:37:59 ----A---- C:\WINDOWS\system32\java.exe 2009-04-15 16:33:03 ----SHD---- C:\RECYCLER 2009-04-15 16:26:53 ----D---- C:\WINDOWS\temp 2009-04-15 16:26:52 ----A---- C:\ComboFix.txt 2009-04-15 16:11:52 ----A---- C:\Boot.bak 2009-04-15 16:11:48 ----RASHD---- C:\cmdcons 2009-04-15 16:08:49 ----A---- C:\WINDOWS\zip.exe 2009-04-15 16:08:49 ----A---- C:\WINDOWS\vFind.exe 2009-04-15 16:08:49 ----A---- C:\WINDOWS\SWXCACLS.exe 2009-04-15 16:08:49 ----A---- C:\WINDOWS\SWSC.exe 2009-04-15 16:08:49 ----A---- C:\WINDOWS\SWREG.exe 2009-04-15 16:08:49 ----A---- C:\WINDOWS\sed.exe 2009-04-15 16:08:49 ----A---- C:\WINDOWS\NIRCMD.exe 2009-04-15 16:08:49 ----A---- C:\WINDOWS\grep.exe 2009-04-15 16:08:44 ----D---- C:\WINDOWS\ERDNT 2009-04-15 16:06:27 ----D---- C:\Qoobox 2009-04-15 15:23:47 ----HD---- C:\WINDOWS\PIF 2009-04-15 15:23:03 ----D---- C:\Program Files\AIDA32 - Enterprise System Information 2009-04-15 13:07:10 ----D---- C:\Program Files\Trend Micro 2009-04-15 03:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-04-15 03:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2009-04-15 03:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-15 03:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-04-15 03:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-15 03:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-14 17:48:14 ----D---- C:\VundoFix Backups 2009-04-14 17:48:14 ----A---- C:\VundoFix.txt 2009-04-14 17:36:00 ----D---- C:\Documents and Settings\All Users\Application Data\Google 2009-04-14 16:19:34 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-04-14 15:25:56 ----D---- C:\Documents and Settings\pat\Application Data\Google 2009-04-14 15:15:53 ----D---- C:\Program Files\Fichiers communs\Symantec Shared 2009-04-14 15:15:43 ----D---- C:\Program Files\Norton Security Scan 2009-04-14 15:15:15 ----N---- C:\WINDOWS\system32\vxblock.dll 2009-04-14 15:15:15 ----N---- C:\WINDOWS\system32\pxwave.dll 2009-04-14 15:15:15 ----N---- C:\WINDOWS\system32\pxmas.dll 2009-04-14 15:15:15 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2009-04-14 15:15:15 ----N---- C:\WINDOWS\system32\pxdrv.dll 2009-04-14 15:15:14 ----N---- C:\WINDOWS\system32\px.dll 2009-04-14 15:14:53 ----D---- C:\Program Files\Picasa2 2009-04-14 15:12:19 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-04-14 15:12:15 ----D---- C:\Program Files\Google 2009-04-14 14:30:13 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-04-13 11:10:19 ----A---- C:\spry.exe 2009-04-09 13:18:37 ----D---- C:\Program Files\i2p 2009-03-28 17:13:39 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL 2009-03-28 15:27:24 ----A---- C:\WINDOWS\system32\tmp.txt 2009-03-28 15:27:06 ----A---- C:\rapport.txt 2009-03-27 20:02:31 ----D---- C:\WINDOWS\report 2009-03-27 20:02:11 ----D---- C:\WINDOWS\AU_Backup 2009-03-27 20:02:11 ----A---- C:\WINDOWS\vsapi32.dll 2009-03-27 20:02:11 ----A---- C:\WINDOWS\tsc.ini 2009-03-27 20:02:11 ----A---- C:\WINDOWS\tsc.exe 2009-03-27 20:02:11 ----A---- C:\WINDOWS\hcextoutput.dll 2009-03-27 20:02:11 ----A---- C:\WINDOWS\BPMNT.dll 2009-03-27 20:01:40 ----A---- C:\WINDOWS\GetServer.ini 2009-03-27 20:01:39 ----D---- C:\WINDOWS\AU_Temp 2009-03-27 20:01:39 ----D---- C:\WINDOWS\AU_Log 2009-03-27 20:01:38 ----A---- C:\xscan.txt 2009-03-27 20:01:35 ----A---- C:\WINDOWS\UNZIP.DLL 2009-03-27 20:01:35 ----A---- C:\WINDOWS\TMUPDATE.DLL 2009-03-27 18:58:51 ----D---- C:\Documents and Settings\pat\Application Data\Ahead 2009-03-27 18:57:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-03-27 04:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-03-26 17:23:45 ----HDC---- C:\WINDOWS\ie7 2009-03-26 15:57:34 ----N---- C:\WINDOWS\system32\spmsg2.dll 2009-03-26 15:57:32 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$ 2009-03-26 15:46:00 ----D---- C:\WINDOWS\system32\XPSViewer 2009-03-26 15:45:55 ----D---- C:\Program Files\MSBuild 2009-03-26 15:45:53 ----D---- C:\WINDOWS\system32\en-US 2009-03-26 15:45:42 ----D---- C:\Program Files\Reference Assemblies 2009-03-26 15:44:52 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-03-26 15:44:52 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-03-26 15:44:51 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-03-26 15:44:51 ----D---- C:\26ebef344a4584be13f9cd797300e9 2009-03-25 20:06:50 ----A---- C:\WINDOWS\system32\lsdelete.exe 2009-03-25 19:43:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2009-03-25 19:40:05 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-03-20 20:27:28 ----D---- C:\WINDOWS\system32\Kaspersky Lab ======List of files/folders modified in the last 1 months====== 2009-04-15 22:38:56 ----D---- C:\WINDOWS\Prefetch 2009-04-15 21:26:01 ----D---- C:\Program Files\eMule 2009-04-15 20:37:10 ----SD---- C:\Documents and Settings\pat\Application Data\Microsoft 2009-04-15 17:39:07 ----SHD---- C:\WINDOWS\Installer 2009-04-15 17:38:00 ----D---- C:\WINDOWS\system32 2009-04-15 17:36:49 ----D---- C:\Program Files\Java 2009-04-15 17:27:40 ----SD---- C:\WINDOWS\Tasks 2009-04-15 17:16:53 ----D---- C:\WINDOWS\system32\drivers 2009-04-15 16:36:36 ----D---- C:\Program Files\Wanadoo 2009-04-15 16:35:25 ----D---- C:\WINDOWS 2009-04-15 16:34:42 ----RD---- C:\Program Files 2009-04-15 16:34:02 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-04-15 16:24:59 ----D---- C:\WINDOWS\system32\CatRoot2 2009-04-15 16:23:10 ----A---- C:\WINDOWS\system.ini 2009-04-15 16:20:59 ----D---- C:\WINDOWS\system32\config 2009-04-15 16:19:47 ----D---- C:\WINDOWS\AppPatch 2009-04-15 16:19:44 ----D---- C:\Program Files\Fichiers communs 2009-04-15 16:11:52 ----RASH---- C:\boot.ini 2009-04-15 15:44:11 ----D---- C:\WINDOWS\Minidump 2009-04-15 13:54:33 ----D---- C:\Program Files\Panda Security 2009-04-15 13:53:18 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-04-15 13:49:58 ----D---- C:\Program Files\ma-config.com 2009-04-15 13:49:57 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-04-15 13:49:33 ----HD---- C:\WINDOWS\inf 2009-04-15 08:52:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-04-15 03:07:35 ----D---- C:\WINDOWS\system32\wbem 2009-04-15 03:01:28 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-04-15 03:01:11 ----D---- C:\WINDOWS\system32\fr-fr 2009-04-15 03:01:11 ----D---- C:\Program Files\Internet Explorer 2009-04-15 03:00:34 ----HD---- C:\WINDOWS\$hf_mig$ 2009-04-14 19:01:14 ----D---- C:\Documents and Settings\pat\Application Data\Spyware Terminator 2009-04-14 19:00:57 ----D---- C:\Program Files\Spyware Terminator 2009-04-14 18:47:23 ----A---- C:\WINDOWS\NeroDigital.ini 2009-04-14 16:20:15 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-04-14 16:19:59 ----D---- C:\WINDOWS\WinSxS 2009-04-14 16:18:29 ----D---- C:\Program Files\Adobe 2009-04-13 15:59:38 ----A---- C:\WINDOWS\DUMP449a.tmp 2009-04-13 15:58:13 ----A---- C:\WINDOWS\system32\svchost.exe 2009-04-13 15:53:13 ----D---- C:\WINDOWS\network diagnostic 2009-04-13 12:00:44 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-04-13 11:12:27 ----A---- C:\WINDOWS\system32\wscntfy.exe 2009-04-06 16:57:24 ----A---- C:\WINDOWS\system32\MRT.exe 2009-03-28 17:47:18 ----D---- C:\Program Files\Crawler 2009-03-28 16:40:54 ----D---- C:\Documents and Settings\pat\Application Data\ESTsoft 2009-03-28 16:40:54 ----D---- C:\Documents and Settings\All Users\Application Data\ESTsoft 2009-03-28 16:19:41 ----D---- C:\WINDOWS\Debug 2009-03-27 20:15:36 ----D---- C:\Program Files\Avira 2009-03-27 20:15:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-03-27 19:47:47 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-03-27 19:47:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-03-27 04:02:35 ----D---- C:\WINDOWS\system32\CatRoot 2009-03-27 04:01:04 ----D---- C:\WINDOWS\ie7updates 2009-03-26 18:01:57 ----D---- C:\WINDOWS\Microsoft.NET 2009-03-26 18:01:55 ----RSD---- C:\WINDOWS\assembly 2009-03-26 17:24:50 ----D---- C:\WINDOWS\WBEM 2009-03-26 15:56:47 ----D---- C:\WINDOWS\system32\mui 2009-03-26 15:45:52 ----RSD---- C:\WINDOWS\Fonts 2009-03-26 15:45:04 ----D---- C:\WINDOWS\system32\spool 2009-03-25 19:47:49 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-03-25 19:39:48 ----D---- C:\WINDOWS\BDOSCAN8 2009-03-25 19:39:28 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2009-03-25 18:18:48 ----D---- C:\Program Files\a-squared Free 2009-03-25 16:40:42 ----D---- C:\WINDOWS\system32\LogFiles 2009-03-21 16:07:58 ----A---- C:\WINDOWS\system32\kernel32.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-27 75072] R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-12-28 5632] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-22 3727680] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-27 2303488] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056] S1 lusbaudio;Microphone USB Logitech; C:\WINDOWS\system32\drivers\OVSound2.sys [2001-08-18 25216] S3 ajgul3yz;ajgul3yz; C:\WINDOWS\system32\drivers\ajgul3yz.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 QCEmerald;QuickCam Web Logitech; C:\WINDOWS\system32\DRIVERS\OVCE.sys [2001-08-18 31872] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-10 32000] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 WUSB54GPV4SRV;Wireless-G Portable USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-07-16 140416] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080] R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2009-03-27 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2009-03-27 151297] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-27 483328] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-15 152984] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-25 951632] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-03-25 487424] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-04-13 14336] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-06-29 520192] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-14 183280] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-04-14 30192] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- KASPERSKY ONLINE SCANNER 7.0 REPORT Wednesday, April 15, 2009 Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Wednesday, April 15, 2009 18:20:21 Records in database: 2047727 Scan settings Scan using the following database extended Scan archives yes Scan mail databases yes Scan area Critical Areas C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage C:\Documents and Settings\pat\Menu Démarrer\Programmes\Démarrage C:\Program Files C:\WINDOWS Scan statistics Files scanned 36318 Threat name 0 Infected objects 0 Suspicious objects 0 Duration of the scan 00:48:52 No malware has been detected. The scan area is clean. The selected area was scanned. Malwarebytes' Anti-Malware 1.36 Version de la base de données: 1987 Windows 5.1.2600 Service Pack 3 15/04/2009 17:59:02 mbam-log-2009-04-15 (17-59-02).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 112439 Temps écoulé: 40 minute(s), 22 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

quelqu un peut m eclairer s il vous plait??ce rapport indique t il que tout va bien??? merci d avance

MERCI ENCORE POPUP de t etre penche sur mon cas

bonjour popup m a dit de poster mon rapport hijackthis ici pour analyse l ordi marche deja mieux depuis que j ai execute combo fix en lisant d autres posts. la antivir est en analyse et malwarebytes vient de terminer un trojan de virer merci de votre aide si quelqu un a un peu de temps a me consacrer Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:54:55, on 15/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Wanadoo\Watch.exe c:\program files\avira\antivir personaledition classic\avcenter.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'Default user') O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwared...ion_3_1_2_0.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 9720 bytes ps

je voulais verifier si mon disque etait integre mais la commande fsutil dirty query/C NE marche meme plus je ne sais pas si ca sert a kekchose enfin je suis loin d etre un pro

les resultats d analyse en ligne me disent que tout est bon j ai fait une analyse avec hijackthis mais je narrive pas a l interpreter je crois k il y a quelquechose quand je demande des infos sur le log

merci popup de prendre un peu de ton temps pour moi en antivirus j ai antivir et sinon malwaresbytes que je n arrive plus a lancer y a plus grand chose qui marche sur l ordi

bonjour j aurais besoin d un peu d aide s il vous plait je commence par ma barre des taches qui n affiche plus mes petites icones l impossibilite de lancer spybot et d autres programmes mon ordi qui s eteint tout seul quelquefois au redemarrage. sur google il faut du temps pour afficher la recherche etde retour sur la page google certaines lettres sont changes pas des symboles et autres.l ordi rame plus de mille j ai effectue plusieurs analyses en ligne avec des antivirus je ne sais plus quoi faire merci de votre aide