roxas

Merci infiniment encore une fois J'ai suivi vos conseil concernant Malware Complaints. Bon surf^^

Le pc va mieux ! La connexion est revenue à la normale. Il n'est plus du tout infecté selon vous ? En tout cas merci infiniment pour votre aide. Merci, merci^^

Bnjour Gof Voici le rapport SystemLook v1.0 by jpshortstuff (22.05.09) Log created at 16:45 on 01/06/2009 by Angélique (Administrator - Elevation successful) ========== filefind ========== Searching for "CF*.exe" C:\Combo-Fix\CF31471.exe --a--- 401408 bytes [19:39 31/05/2009] [19:39 31/05/2009] C152DEEF8BB93DC9FCCB0F2183C2E44E C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe -----c 188480 bytes [15:03 30/09/2008] [14:52 24/03/2003] C91B0AF008E40FB467AE75520DC5261A C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe ------ 188480 bytes [02:33 14/04/2008] [02:33 14/04/2008] 78A750DE7DA0424AA509F5F36D6305D1 -=End Of File=-

Je ne parviens pas à retrouver le fichier CF8538.exe Est-il possible qu'il se soit effacé ?

Non pas aux deux endroit, lorsque je l'ai supprimé d'abord par IE et lorsque je suis allé sans connexion réseaux il avait disparu également. J'ai vérifié en redémarrant et il n'y est plus.

Apparemment ce "z-connect" est bel et bien parti ! Quant au pc, il reste un peu long avant de charger une page, mais c'est déjà mieux qu'avant (il est probable que ma connexion livebox y soit pour quelque chose...)

Ok, il reste ce "z-connect" dans ma liste de connexion. J'ai l'impression que ma ligne est "détournée"( le navigateur Orange est parfois déconnecté, mais j'arrive quand même à aller sur le net) Quels outils faut-il désinstallés à présent ?

Logfile of random's system information tool 1.06 (written by random/random) Run by Angélique at 2009-05-31 20:13:11 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 183 GB (60%) free of 305 GB Total RAM: 511 MB (10% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:13:45, on 31/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\Angélique\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Documents and Settings\Angélique\Bureau\RSIT.exe C:\Program Files\trend micro\Angélique.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Notification de cadeaux MSN.lnk = ? O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: TrayMin210.exe.lnk = ? O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.vm-wl.com/DownloadManager/Relea...rod/DownMan.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8240 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-05-15 352256] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-24 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-03-21 185896] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-14 39408] "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe TrayMin210.exe.lnk - C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe C:\Documents and Settings\Angélique\Menu Démarrer\Programmes\Démarrage Notification de cadeaux MSN.lnk - C:\Documents and Settings\Angélique\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDrives"=0 "NoDriveAutoRun"=67108863 "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "HonorAutoRunSetting"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule" "C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Disabled:WinDVD" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client" "C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process " "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" ======List of files/folders created in the last 1 months====== 2009-05-31 18:24:43 ----HDC---- C:\WINDOWS\ie8 2009-05-30 20:57:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-05-30 20:51:27 ----SHD---- C:\RECYCLER 2009-05-30 19:50:20 ----A---- C:\ComboFix.txt 2009-05-30 19:34:49 ----A---- C:\Boot.bak 2009-05-30 19:34:39 ----RASHD---- C:\cmdcons 2009-05-30 19:23:16 ----D---- C:\Program Files\ma-config.com 2009-05-30 19:23:16 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-05-30 18:20:37 ----D---- C:\rsit 2009-05-29 17:33:07 ----A---- C:\WINDOWS\zip.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\SWXCACLS.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\SWSC.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\SWREG.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\sed.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\PEV.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\grep.exe 2009-05-29 17:32:46 ----SD---- C:\ComboFix 2009-05-23 18:45:37 ----D---- C:\_OTMoveIt 2009-05-23 18:30:23 ----RASHD---- C:\autorun.inf 2009-05-23 18:28:32 ----A---- C:\UsbFix.txt 2009-05-22 20:40:16 ----D---- C:\FindyKill 2009-05-22 19:42:11 ----D---- C:\Documents and Settings\Angélique\Application Data\Malwarebytes 2009-05-22 19:42:02 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-05-21 19:46:35 ----D---- C:\Rooter$ 2009-05-20 20:29:03 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Voice Modem.txt ======List of files/folders modified in the last 1 months====== 2009-05-31 20:13:24 ----D---- C:\Program Files\Trend Micro 2009-05-31 20:09:21 ----D---- C:\WINDOWS\Prefetch 2009-05-31 19:53:02 ----D---- C:\WINDOWS\Temp 2009-05-31 19:38:44 ----D---- C:\Program Files\Mozilla Firefox 2009-05-31 19:04:16 ----D---- C:\Program Files\Wanadoo 2009-05-31 19:01:38 ----A---- C:\WINDOWS\win.ini 2009-05-31 18:41:49 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-31 18:33:04 ----D---- C:\Documents and Settings\Angélique\Application Data\OpenOffice.org2 2009-05-31 18:33:03 ----D---- C:\WINDOWS\system32 2009-05-31 18:32:57 ----D---- C:\WINDOWS 2009-05-31 18:32:14 ----D---- C:\WINDOWS\system32\fr-fr 2009-05-31 18:32:13 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-05-31 18:32:13 ----HD---- C:\WINDOWS\inf 2009-05-31 18:32:13 ----D---- C:\WINDOWS\Media 2009-05-31 18:32:13 ----D---- C:\WINDOWS\Help 2009-05-31 18:32:13 ----D---- C:\Program Files\Internet Explorer 2009-05-31 18:31:23 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-31 18:26:35 ----HD---- C:\WINDOWS\msdownld.tmp 2009-05-31 18:26:34 ----RD---- C:\Program Files 2009-05-31 18:20:27 ----SD---- C:\Documents and Settings\Angélique\Application Data\Microsoft 2009-05-30 23:07:00 ----HD---- C:\WINDOWS\system32\drivers 2009-05-30 19:50:24 ----D---- C:\QooBox 2009-05-30 19:48:58 ----SD---- C:\WINDOWS\Tasks 2009-05-30 19:48:52 ----D---- C:\WINDOWS\repair 2009-05-30 19:42:30 ----A---- C:\WINDOWS\system.ini 2009-05-30 19:38:59 ----D---- C:\WINDOWS\system32\config 2009-05-30 19:38:47 ----D---- C:\WINDOWS\erdnt 2009-05-30 19:37:47 ----D---- C:\WINDOWS\AppPatch 2009-05-30 19:37:44 ----D---- C:\Program Files\Fichiers communs 2009-05-30 19:34:50 ----RASH---- C:\boot.ini 2009-05-30 19:23:37 ----SHD---- C:\WINDOWS\Installer 2009-05-30 19:23:37 ----D---- C:\Config.Msi 2009-05-27 19:11:04 ----A---- C:\WINDOWS\WORDPAD.INI 2009-05-23 16:26:10 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-05-21 20:45:46 ----D---- C:\WINDOWS\Minidump 2009-05-21 19:13:44 ----D---- C:\WINDOWS\system 2009-05-18 18:09:50 ----D---- C:\WINDOWS\Debug 2009-05-15 22:47:30 ----D---- C:\Program Files\eMule 2009-05-08 17:47:52 ----RSD---- C:\WINDOWS\Fonts 2009-05-07 09:16:29 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944] R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032] R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152] R3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032] R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664] R3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408] R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] R3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] R3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288] S3 MPUSens;MPUSens; C:\WINDOWS\system32\drivers\MPUSens.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [] S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688] S3 ZSMC301b;Philips SPC210NC Webcam; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2005-02-26 91527] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 IviRegMgr;IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [2006-12-05 112152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-08 152984] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872] R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF-----------------

SystemLook v1.0 by jpshortstuff (22.05.09) Log created at 20:05 on 31/05/2009 by Angélique (Administrator - Elevation successful) ========== filefind ========== Searching for "*autorun.inf" C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\autorun.inf --a--- 332343 bytes [15:40 10/08/2006] [15:40 10/08/2006] 1148C33E3EC62DF36ECA6D8A00C7D0FF C:\Program Files\HP\Temp\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\autorun.inf --a--- 332343 bytes [15:40 10/08/2006] [15:40 10/08/2006] 1148C33E3EC62DF36ECA6D8A00C7D0FF C:\Program Files\Nero\Nero8\Nero Burning Rom\SecurDisc\Autorun.inf --a--- 30 bytes [16:13 07/12/2006] [16:13 07/12/2006] 868F92861A541B9969EF4B97F3D4C01E ========== contents ========== C:\autorun.inf - Unable to open file. ========== dir ========== C:\autorun.inf - Parameters: "/s" ---Files--- lpt3.This folder was created by UsbFix --a--- 0 bytes [16:30 23/05/2009] [16:30 23/05/2009] No folders found. -=End Of File=-

Heu, pour del.bat, est-ce normal que la fenêtre noire n'apparaisse qu'une demi seconde ?!

Salut Le PC rame assez aujourd'hui pour aller sur le net Rapport log.txt Logfile of random's system information tool 1.06 (written by random/random) Run by Angélique at 2009-05-31 19:42:44 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 183 GB (60%) free of 305 GB Total RAM: 511 MB (19% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:43:12, on 31/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\Angélique\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\spider.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Angélique\Bureau\RSIT.exe C:\Program Files\trend micro\Angélique.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Notification de cadeaux MSN.lnk = ? O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: TrayMin210.exe.lnk = ? O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.vm-wl.com/DownloadManager/Relea...rod/DownMan.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 7925 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-05-15 352256] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-24 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-03-21 185896] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-14 39408] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe TrayMin210.exe.lnk - C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe C:\Documents and Settings\Angélique\Menu Démarrer\Programmes\Démarrage Notification de cadeaux MSN.lnk - C:\Documents and Settings\Angélique\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDrives"=0 "NoDriveAutoRun"=67108863 "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "HonorAutoRunSetting"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule" "C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Disabled:WinDVD" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client" "C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process " "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" ======List of files/folders created in the last 1 months====== 2009-05-31 18:24:43 ----HDC---- C:\WINDOWS\ie8 2009-05-30 20:57:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-05-30 20:51:27 ----SHD---- C:\RECYCLER 2009-05-30 19:50:20 ----A---- C:\ComboFix.txt 2009-05-30 19:34:49 ----A---- C:\Boot.bak 2009-05-30 19:34:39 ----RASHD---- C:\cmdcons 2009-05-30 19:23:16 ----D---- C:\Program Files\ma-config.com 2009-05-30 19:23:16 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-05-30 18:20:37 ----D---- C:\rsit 2009-05-29 17:33:07 ----A---- C:\WINDOWS\zip.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\SWXCACLS.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\SWSC.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\SWREG.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\sed.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\PEV.exe 2009-05-29 17:33:07 ----A---- C:\WINDOWS\grep.exe 2009-05-29 17:32:46 ----SD---- C:\ComboFix 2009-05-23 18:45:37 ----D---- C:\_OTMoveIt 2009-05-23 18:30:23 ----RASHD---- C:\autorun.inf 2009-05-23 18:28:32 ----A---- C:\UsbFix.txt 2009-05-22 20:40:16 ----D---- C:\FindyKill 2009-05-22 19:42:11 ----D---- C:\Documents and Settings\Angélique\Application Data\Malwarebytes 2009-05-22 19:42:02 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-05-21 19:46:35 ----D---- C:\Rooter$ 2009-05-20 20:29:03 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Voice Modem.txt ======List of files/folders modified in the last 1 months====== 2009-05-31 19:42:58 ----D---- C:\Program Files\Trend Micro 2009-05-31 19:41:41 ----D---- C:\WINDOWS\Prefetch 2009-05-31 19:38:44 ----D---- C:\Program Files\Mozilla Firefox 2009-05-31 19:04:16 ----D---- C:\Program Files\Wanadoo 2009-05-31 19:01:38 ----A---- C:\WINDOWS\win.ini 2009-05-31 18:41:49 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-31 18:33:55 ----D---- C:\WINDOWS\Temp 2009-05-31 18:33:04 ----D---- C:\Documents and Settings\Angélique\Application Data\OpenOffice.org2 2009-05-31 18:33:03 ----D---- C:\WINDOWS\system32 2009-05-31 18:32:57 ----D---- C:\WINDOWS 2009-05-31 18:32:14 ----D---- C:\WINDOWS\system32\fr-fr 2009-05-31 18:32:13 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-05-31 18:32:13 ----HD---- C:\WINDOWS\inf 2009-05-31 18:32:13 ----D---- C:\WINDOWS\Media 2009-05-31 18:32:13 ----D---- C:\WINDOWS\Help 2009-05-31 18:32:13 ----D---- C:\Program Files\Internet Explorer 2009-05-31 18:31:23 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-31 18:26:35 ----HD---- C:\WINDOWS\msdownld.tmp 2009-05-31 18:26:34 ----RD---- C:\Program Files 2009-05-31 18:20:27 ----SD---- C:\Documents and Settings\Angélique\Application Data\Microsoft 2009-05-30 23:07:00 ----HD---- C:\WINDOWS\system32\drivers 2009-05-30 19:50:24 ----D---- C:\QooBox 2009-05-30 19:48:58 ----SD---- C:\WINDOWS\Tasks 2009-05-30 19:48:52 ----D---- C:\WINDOWS\repair 2009-05-30 19:42:30 ----A---- C:\WINDOWS\system.ini 2009-05-30 19:38:59 ----D---- C:\WINDOWS\system32\config 2009-05-30 19:38:47 ----D---- C:\WINDOWS\erdnt 2009-05-30 19:37:47 ----D---- C:\WINDOWS\AppPatch 2009-05-30 19:37:44 ----D---- C:\Program Files\Fichiers communs 2009-05-30 19:34:50 ----RASH---- C:\boot.ini 2009-05-30 19:23:37 ----SHD---- C:\WINDOWS\Installer 2009-05-30 19:23:37 ----D---- C:\Config.Msi 2009-05-27 19:11:04 ----A---- C:\WINDOWS\WORDPAD.INI 2009-05-23 16:26:10 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-05-21 20:45:46 ----D---- C:\WINDOWS\Minidump 2009-05-21 19:13:44 ----D---- C:\WINDOWS\system 2009-05-18 18:09:50 ----D---- C:\WINDOWS\Debug 2009-05-15 22:47:30 ----D---- C:\Program Files\eMule 2009-05-08 17:47:52 ----RSD---- C:\WINDOWS\Fonts 2009-05-07 09:16:29 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944] R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032] R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032] R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408] R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288] S3 MPUSens;MPUSens; C:\WINDOWS\system32\drivers\MPUSens.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064] S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688] S3 ZSMC301b;Philips SPC210NC Webcam; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2005-02-26 91527] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 IviRegMgr;IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [2006-12-05 112152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-08 152984] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF-----------------

Bonjour, voici le rapport Malwarebytes' Anti-Malware 1.37 Version de la base de données: 2198 Windows 5.1.2600 Service Pack 3 30/05/2009 23:05:43 mbam-log-2009-05-30 (23-05-43).txt Type de recherche: Examen complet (A:\|C:\|D:\|E:\|) Eléments examinés: 187688 Temps écoulé: 2 hour(s), 4 minute(s), 18 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\documents and settings\angélique\mes documents\angélique azizy\img000985215488524-jpeg.exe (Backdoor.Bot) -> Quarantined and deleted successfully. c:\program files\emule\incoming\windows_xp_vista_crack.exe (Backdoor.SdBot) -> Quarantined and deleted successfully. c:\system volume information\_restore{3c33dc1c-8530-4852-b732-a632acfd7429}\RP460\A0184530.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\system volume information\_restore{3c33dc1c-8530-4852-b732-a632acfd7429}\RP460\A0184542.exe (Backdoor.Bot) -> Quarantined and deleted successfully. c:\system volume information\_restore{3c33dc1c-8530-4852-b732-a632acfd7429}\RP466\A0185044.exe (Malware.Tool) -> Quarantined and deleted successfully. c:\system volume information\_restore{3c33dc1c-8530-4852-b732-a632acfd7429}\RP466\A0185152.exe (Backdoor.SdBot) -> Delete on reboot. c:\_otmoveit\movedfiles\05232009_184537\klikera.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.

Je viens de vérifier, j'ai bien coché et décoché les bonnes cases et meme en cherchant "manuellement" je ne les trouve pas, je passe a l'étape suivante alors

J'ai un probleme pour cette etape "Supprime les éléments suivants : C:\WINDOWS\system32\xnct.exe <= ce fichier c:\program files\MioNet <= ce répertoire" Je ne parviens pas à trouver ces fichiers, un message s'affiche en disant que windows ne les trouve pas (par contre la premiere fois j'ai tapé "C:\WINDOWS\system32\xnct.exe" dans executer, et avast s'est déclenché)

Oui je suis d'accord. Je n'utilise pas ce genre d'outil et encore moins les autres personnes utilisant ce pc (je suis persuadé qu'elles n'ont jamais entendu d'accès a distance !)