K1FF

Members
  • Content count: 12
  • K1FF's Achievements: Junior Member (3/12)
  • Community reputation: 0

  1. Well, it's done! A dialog box opened saying that I could make it reappear via the control panel... I didn't understand everything, and I don't think it did the system any harm. On that note, I'm going to put the thing between my ears to sleep, as it's overheating tonight... Thanks for your help, Apollo, and have a good rest of the evening. Ciao .: K1FF :.
  2. Yes, and it seems to like it in this dimension! Well, it doesn't show up in WinRAR... I'm going to try to delete it!!
  3. Stranger still: in the context menu I only have Cut, Create shortcut or Delete... I'm going to try to compress it and send it to you.
  4. Phew, I managed it! The PC suddenly struggled... anyway, here's the link: This morning this file was named "system file" or something like that. I didn't pay much attention to it, given the reports and other folders left by the anti-malware tools... That's suspicious, isn't it?
  5. So I took a screenshot... How should I post it?
  6. One last little thing please, Apollo. I've just noticed that I have an unknown, nameless application icon in My Computer... This morning it was titled "system file", I believe... What do you think? Should I delete it?
  7. Here is the MBAM report:

     Malwarebytes' Anti-Malware 1.36
     Database version: 2059
     Windows 5.1.2600 Service Pack 3

     29/04/2009 23:34:44
     mbam-log-2009-04-29 (23-34-44).txt

     Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|N:\|)
     Objects scanned: 205146
     Time elapsed: 1 hour(s), 26 minute(s), 40 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)

     It appears there are no more infections... But before you helped me eradicate the malware from my system, MBAM didn't detect anything either. I'm probably getting paranoid after reading the post about peer-to-peer. In any case, thank you very much for your help. My sister confirms that the computer is no longer as slow as before. The PC must have appreciated all these manipulations. Once again, many thanks, and take care, Apollo. See you .:: K1FF ::.
  8. Good evening, and thanks again for looking into my case. :] Here is the TB report after removal: Then the USBFix report: And finally the HijackThis log:
  9. Thanks for helping me, Apollo. Here is the USBFix report: and here is the TB report
  10. Good evening, My PC has been running slowly for a few months, especially when I am connected to the internet. I scanned all the disks with my antivirus, AVG, not to name it, which finds nothing abnormal. I ran another scan, this time with Malwarebytes, and still nothing. Browsing the forum, I realize that I am not the only one in this situation... I ran an analysis with RSIT, and here is the report: What do you think? Am I the victim of a well-hidden piece of malware? Thanks in advance
  11. ok, sorry
  12. Sorry for the inconvenience...