

Everything posted by heldryn
Restarts on its own and Avast not valid????
heldryn replied to heldryn's topic in Malware analysis and removal
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:28:52, on 05/07/2009
How do you manage to decipher all that? lol
Restarts on its own and Avast not valid????
heldryn replied to heldryn's topic in Malware analysis and removal
No, except that when I restarted my PC, AntiVir found a Trojan horse, so I ticked delete, and that's it. If you have any advice to give me, I'll take it with great pleasure. Many thanks again for everything!!!!
Restarts on its own and Avast not valid????
heldryn replied to heldryn's topic in Malware analysis and removal
There, it's done, I deleted Eurobarre. Would you know a site or a link that could explain all this to me a bit, because it frustrates me not to understand anything lol
Restarts on its own and Avast not valid????
heldryn replied to heldryn's topic in Malware analysis and removal
Yes, why not, because I think they will never pay me ;(
Restarts on its own and Avast not valid????
heldryn replied to heldryn's topic in Malware analysis and removal
Here it is. Thanks again!!! Can you tell me where I should go to try to understand the basics of all this, please?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:57, on 04/07/2009
Restarts on its own and Avast not valid????
heldryn replied to heldryn's topic in Malware analysis and removal
Great :) Thanks!!! How do I post a HijackThis report, please? Do I just paste the latest AntiVir report? And the version of what should I delete? Sorry for my incompetence lol
Restarts on its own and Avast not valid????
heldryn replied to heldryn's topic in Malware analysis and removal
Here is the AntiVir report; I get the impression I'm out of the woods, right?
Avira AntiVir Personal
Date de création du fichier de rapport : samedi 4 juillet 2009 15:29
Restarts by itself and Avast not valid????
heldryn replied to a topic by heldryn in Malware analysis and removal
Voici le nouveau rapport combofix: ComboFix 09-07-03.03 - Boubou 04/07/2009 13:18.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.386 [GMT 2:00] Lancé depuis: c:\documents and settings\Boubou\Bureau\TRALALA.exe Commutateurs utilisés :: c:\documents and settings\Boubou\Bureau\CFScript.txt FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Boubou\Application Data\drivers\downld c:\documents and settings\Boubou\Application Data\vmntoolbar c:\documents and settings\Boubou\Application Data\vmntoolbar\__slider.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\1\_lastfeeds.xml c:\documents and settings\Boubou\Application Data\vmntoolbar\a.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\amazon.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\an.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\arrow.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\arrow_down.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\arrow_up.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\arrowB.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\arrowT.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\astro_gemini.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\astro_gemini2.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\autofill.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\b.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\bg_pub.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\bg_ttl.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\bn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\bottom.png c:\documents and settings\Boubou\Application 
Data\vmntoolbar\bottom_left.png c:\documents and settings\Boubou\Application Data\vmntoolbar\bottom_right.png c:\documents and settings\Boubou\Application Data\vmntoolbar\btn_addstations.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\btn_delete.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\c.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\CAlogo.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\canalblog.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\cn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\d.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\dictionary2.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\dn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\DownloadCOM.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\dropdown.css c:\documents and settings\Boubou\Application Data\vmntoolbar\email_b.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\equalizer_loading.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\equalizer_off.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\equalizer_on.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\ErrorPageTemplate.css c:\documents and settings\Boubou\Application Data\vmntoolbar\ErrorPageTemplate_search.css c:\documents and settings\Boubou\Application Data\vmntoolbar\f.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\fn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\g.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\gaming.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\gn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred0.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred0_5.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred1.bmp c:\documents and 
settings\Boubou\Application Data\vmntoolbar\graphred1_5.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred2.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred2_5.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred3.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred3_5.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred4.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred4_5.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\graphred5.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_aquarius.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_aries.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_cancer.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_capricorn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_gemini.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_leo.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_libra.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_pisces.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_sagittarius.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_scorpio.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_taurus.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\h_virgo.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\help.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\hideremove.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\highlight.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\hn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\horoscope.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\i.bmp c:\documents and 
settings\Boubou\Application Data\vmntoolbar\IEtab2_2gemv2.zip c:\documents and settings\Boubou\Application Data\vmntoolbar\images01.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\in.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\j.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\jn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\k.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\kn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\l.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\left.png c:\documents and settings\Boubou\Application Data\vmntoolbar\ln.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\loading.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\logo.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\logo_facebook.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\minus.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\minus_on.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\music2.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\n.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\New York_NY_weather.txt c:\documents and settings\Boubou\Application Data\vmntoolbar\news.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\news.html c:\documents and settings\Boubou\Application Data\vmntoolbar\newsb.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\nn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\o.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\on.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\p.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\p_yahoo.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\p_yahoo_fr.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\pixsy.bmp c:\documents and 
settings\Boubou\Application Data\vmntoolbar\play.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\play_on.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\plus.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\plus_on.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\pn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\popup_off.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\popup_on.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\popup_ona.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\q.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\qn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\r.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\radio_bg.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\radiocfgdlg.html c:\documents and settings\Boubou\Application Data\vmntoolbar\RadioStations.list c:\documents and settings\Boubou\Application Data\vmntoolbar\relatedlinks.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\report.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\right.png c:\documents and settings\Boubou\Application Data\vmntoolbar\rn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\rss.xsl c:\documents and settings\Boubou\Application Data\vmntoolbar\rss1.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\rsslib.js c:\documents and settings\Boubou\Application Data\vmntoolbar\rssmenu1_7a.zip c:\documents and settings\Boubou\Application Data\vmntoolbar\s.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\search.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\search.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\search_fr.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\settings.bmp c:\documents and settings\Boubou\Application 
Data\vmntoolbar\shop2.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\sinfo.txt c:\documents and settings\Boubou\Application Data\vmntoolbar\siteinfo.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\slider.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\sn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\spacer.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\stars-red1.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\stars-red2.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\stars-red3.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\stars-red4.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\stars-red5.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\stop.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\stop_on.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\t.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\tab_icon.png c:\documents and settings\Boubou\Application Data\vmntoolbar\tabdataV3.js c:\documents and settings\Boubou\Application Data\vmntoolbar\tabwelcome_en.html c:\documents and settings\Boubou\Application Data\vmntoolbar\tabwelcome_fr.html c:\documents and settings\Boubou\Application Data\vmntoolbar\technorati.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\tn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\tools.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\top.png c:\documents and settings\Boubou\Application Data\vmntoolbar\top_left.png c:\documents and settings\Boubou\Application Data\vmntoolbar\top_right.png c:\documents and settings\Boubou\Application Data\vmntoolbar\translate.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\ttl_add.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\u.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\un.bmp 
c:\documents and settings\Boubou\Application Data\vmntoolbar\UserStations.list c:\documents and settings\Boubou\Application Data\vmntoolbar\utf8.js c:\documents and settings\Boubou\Application Data\vmntoolbar\v.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\vmlib.js c:\documents and settings\Boubou\Application Data\vmntoolbar\vmntoolbartb1501.cfg c:\documents and settings\Boubou\Application Data\vmntoolbar\vn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\w.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\web_en.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\web_fr.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\wikipedia.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\wn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\x.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\xp_close_small.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\yahoo_search.gif c:\documents and settings\Boubou\Application Data\vmntoolbar\YouTube.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\z.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\zn.bmp c:\documents and settings\Boubou\Application Data\vmntoolbar\zoom.bmp c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe c:\program files\vmntoolbar c:\program files\vmntoolbar\install.ico c:\program files\vmntoolbar\tbuninstall.exe c:\program files\vmntoolbar\toolbar.ini c:\program files\vmntoolbar\uninst_ff.exe c:\program files\vmntoolbar\uninstall.exe c:\program files\vmntoolbar\vmntoolbar.dll . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ASWSP -------\Service_aswSP ((((((((((((((((((((((((((((( Fichiers créés du 2009-06-04 au 2009-07-04 )))))))))))))))))))))))))))))))))))) . 2009-07-03 17:29 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-07-03 17:29 . 
2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-07-03 17:29 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe 2009-07-03 13:54 . 2009-07-04 11:24 -------- d--h--w- c:\documents and settings\Boubou\Application Data\drivers 2009-07-03 13:44 . 2009-07-03 13:44 -------- d-----w- c:\program files\NFO viewer 2009-06-27 15:14 . 2009-06-27 15:15 -------- d-----w- c:\program files\CFWebAdvancedU_BOBTV.FR 2009-06-27 14:27 . 2009-06-27 14:27 -------- d-----w- c:\documents and settings\Boubou\Application Data\Playrix Entertainment 2009-06-27 14:23 . 2009-06-27 14:23 -------- d-----w- c:\program files\Common Files 2009-06-27 14:22 . 2009-06-27 14:23 -------- d-----w- c:\program files\CA VMN Anti-Spyware 2009-06-27 14:22 . 2009-06-29 01:04 -------- d-----w- c:\documents and settings\Boubou\Application Data\EmailNotifier 2009-06-27 14:22 . 2009-06-27 14:23 -------- d-----w- c:\documents and settings\All Users\Application Data\EmailNotifier 2009-06-27 14:21 . 2007-11-06 16:46 106496 ----a-w- c:\documents and settings\Boubou\Application Data\Astro Gemini Software\Screensaver Manager 2.0\Astro Gemini Screensaver Manager.exe 2009-06-27 14:21 . 2007-11-06 16:46 106496 ----a-w- c:\windows\system32\Astro Gemini Screensaver Manager.scr 2009-06-27 14:21 . 2008-01-11 21:36 528384 ----a-w- c:\documents and settings\Boubou\Application Data\Astro Gemini Software\Screensaver Manager 2.0\Data\Manager.exe 2009-06-27 14:20 . 2009-06-27 14:20 -------- d-----w- c:\documents and settings\Boubou\Application Data\Astro Gemini Software 2009-06-27 14:19 . 2009-06-27 14:21 -------- d-----w- c:\program files\Astro Gemini Software 2009-06-27 14:01 . 2009-06-27 16:06 -------- d-----w- c:\documents and settings\Boubou\Application Data\Aquatica 3D 2009-06-15 04:11 . 2009-06-15 04:11 1915520 ----a-w- c:\documents and settings\Boubou\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe 2009-06-14 20:24 . 
2009-06-14 20:24 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2009-06-14 19:05 . 2009-06-14 19:05 -------- d-sh--w- c:\documents and settings\Boubou\PrivacIE 2009-06-14 18:58 . 2009-06-14 18:58 -------- d-sh--w- c:\documents and settings\Boubou\IETldCache 2009-06-14 18:55 . 2009-06-14 18:55 -------- d-----w- c:\windows\ie8updates 2009-06-14 18:52 . 2009-06-14 18:54 -------- dc-h--w- c:\windows\ie8 2009-06-14 18:07 . 2009-04-30 21:16 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2009-06-14 18:06 . 2009-04-30 21:16 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2009-06-14 18:03 . 2009-05-12 05:11 102912 ------w- c:\windows\system32\dllcache\iecompat.dll 2009-06-10 19:28 . 2009-06-11 08:49 1878984 ----a-w- c:\documents and settings\Boubou\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe 2009-06-10 00:12 . 2009-06-10 00:13 -------- d-----w- c:\program files\Fichiers communs\Adobe 2009-06-08 14:45 . 2009-06-08 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage 2009-06-07 14:59 . 2009-06-07 14:58 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-06-07 14:57 . 2009-06-07 14:57 152576 ----a-w- c:\documents and settings\Boubou\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-06-07 10:20 . 2009-06-07 10:22 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-06-06 14:40 . 2009-06-06 14:42 -------- d-----w- c:\documents and settings\Boubou\Application Data\foobar2000 2009-06-06 14:40 . 2009-06-06 14:40 -------- d-----w- c:\program files\foobar2000 2009-06-06 14:02 . 2009-01-08 16:00 16640 ----a-w- c:\windows\system32\drivers\AsAudioDevice_351.sys 2009-06-06 14:01 . 2009-06-06 14:01 -------- d-----w- c:\program files\Aimersoft . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-04 11:38 . 
2007-05-09 23:02 -------- d-----w- c:\program files\eMule 2009-07-04 11:17 . 2007-05-09 15:52 -------- d-----w- c:\program files\Wanadoo 2009-07-04 08:00 . 2009-05-19 18:58 -------- d-----w- c:\documents and settings\Boubou\Application Data\Skype 2009-07-03 17:05 . 2009-05-19 19:10 -------- d-----w- c:\documents and settings\Boubou\Application Data\skypePM 2009-07-03 14:00 . 2006-09-13 13:31 54224 -c--a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-27 15:19 . 2007-06-17 22:06 -------- d-----w- c:\documents and settings\Boubou\Application Data\CamfrogWEB 2009-06-11 04:29 . 2008-09-27 11:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-06-07 14:58 . 2006-09-13 21:25 -------- d-----w- c:\program files\Java 2009-06-07 14:40 . 2007-11-28 00:03 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-06-07 14:39 . 2009-02-21 20:41 -------- d-----w- c:\program files\DivX 2009-06-07 14:36 . 2008-12-21 01:45 -------- d-----w- c:\program files\PokerStars.NET 2009-06-07 14:35 . 2006-09-13 21:25 -------- d-----w- c:\program files\Fichiers communs\Sonic Shared 2009-06-07 14:34 . 2006-09-13 21:25 -------- d-----w- c:\program files\Sonic 2009-06-07 14:23 . 2009-03-01 03:48 -------- d-----w- c:\program files\AviSynth 2.5 2009-06-06 12:40 . 2008-08-27 20:54 -------- d-----w- c:\documents and settings\Boubou\Application Data\uTorrent 2009-06-04 09:04 . 2007-05-31 00:22 -------- d-----w- c:\program files\Messenger Plus! Live 2009-06-02 10:21 . 2009-05-28 11:22 -------- d-----w- c:\program files\The GodFather 2009-06-01 17:27 . 2009-06-01 08:24 -------- d-----w- c:\program files\Sony 2009-06-01 16:48 . 2009-06-01 09:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-01 09:07 . 2009-06-01 09:07 -------- d-----w- c:\documents and settings\Boubou\Application Data\Publish Providers 2009-06-01 09:02 . 
2009-06-01 09:02 -------- d-----w- c:\documents and settings\Boubou\Application Data\Sony 2009-06-01 00:53 . 2006-06-29 09:24 86956 ----a-w- c:\windows\system32\perfc00C.dat 2009-06-01 00:53 . 2006-06-29 09:24 516868 ----a-w- c:\windows\system32\perfh00C.dat 2009-06-01 00:48 . 2009-06-01 00:48 -------- d-----w- c:\program files\MSBuild 2009-06-01 00:48 . 2009-06-01 00:48 2272 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-05-31 23:54 . 2009-05-31 23:54 -------- d-----w- c:\program files\Reference Assemblies 2009-05-31 22:59 . 2009-05-31 22:54 52770576 ----a-w- c:\documents and settings\Boubou\Application Data\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe 2009-05-31 22:54 . 2009-05-31 22:54 -------- d-----w- c:\documents and settings\Boubou\Application Data\Sony Setup 2009-05-31 22:52 . 2009-05-31 22:52 -------- d-----w- c:\program files\Sony Setup 2009-05-19 19:10 . 2009-05-19 19:10 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-05-19 18:57 . 2009-05-19 18:57 -------- d-----r- c:\program files\Skype 2009-05-19 18:57 . 2009-05-19 18:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-05-19 18:57 . 2009-05-19 18:57 -------- d-----w- c:\program files\Fichiers communs\Skype 2009-05-13 05:04 . 2006-03-25 04:00 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-08 18:37 . 2009-05-08 18:32 -------- d-----w- c:\program files\VirtualDJ 2009-05-07 15:55 . 2009-05-07 15:55 -------- d-----w- c:\program files\Iolo 2009-05-07 15:33 . 2006-03-25 04:00 348672 ----a-w- c:\windows\system32\localspl.dll 2009-04-19 19:50 . 2006-03-25 04:00 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 14:53 . 2006-03-25 04:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-09 13:26 . 2009-04-09 13:26 861184 ----a-w- c:\documents and settings\All Users\Application Data\EmailNotifier\EmailNotifierAPI.dll 2009-04-09 13:26 . 
2009-04-09 13:26 851968 ----a-w- c:\documents and settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe . ((((((((((((((((((((((((((((( SnapShot@2009-07-04_07.58.40 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-04 11:26 . 2009-07-04 11:26 16384 c:\windows\temp\Perflib_Perfdata_5f0.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-15 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-02-23 203928] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-21 24264488] "eMuleAutoStart"="c:\program files\eMule\emule.exe" [2006-09-14 5001216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 458752] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-07 148888] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-19 102400] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 163840] "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960] "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840] "Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 
643072] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-05-27 221184] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 995328] "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 1101824] "WooCnxMon"="c:\progra~1\Wanadoo\CnxMon.exe" [2004-10-13 24576] "WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-10-13 24576] "WOOTASKBARICON"="c:\progra~1\Wanadoo\TaskbarIcon.exe" [2004-10-13 49152] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-07-03 81000] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-07-20 1519616] "MsmqIntCert"="mqrt.dll" - c:\windows\system32\mqrt.dll [2008-04-14 177152] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" - c:\windows\system32\CHDAudPropShortcut.exe [2006-07-27 61952] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Boubou\Menu D‚marrer\Programmes\D‚marrage\ Eurobarre.lnk - c:\program files\Eurobarre\eb.exe [2008-6-12 113664] OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-7-6 962661] D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728] HP Pavilion Webcam Tray Icon.lnk - c:\program 
files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe [2006-12-24 102400] Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2009-2-21 667648] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R3 AsAudioDevice_351;AsAudioDevice_351;c:\windows\system32\drivers\AsAudioDevice_351.sys [06/06/2009 16:02 16640] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?] S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [06/06/2006 22:39 61952] . Contenu du dossier 'Tâches planifiées' 2009-07-03 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] 2009-07-04 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] 2009-07-04 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20] . - - - - ORPHELINS SUPPRIMES - - - - BHO-{A057A204-BACC-4D26-8287-79A187E26987} - c:\progra~1\VMNTOO~1\VMNTOO~1.DLL HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe . ------- Examen supplémentaire ------- . 
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=64&bd=pavilion&pf=laptop uInternet Settings,ProxyOverride = localhost uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: { - c:\program files\Messenger\msmsgs.exe DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe FF - ProfilePath - c:\documents and settings\Boubou\Application Data\Mozilla\Firefox\Profiles\6m8tvryr.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-04 13:36 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Y??????`?@?????L?@ Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(2684) c:\windows\system32\nview.dll c:\windows\system32\NVWRSFR.DLL c:\windows\system32\eappprxy.dll c:\windows\system32\nvwddi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\netprovcredman.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\windows\system32\msdtc.exe c:\windows\ehome\ehrecvr.exe c:\windows\ehome\ehSched.exe c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\mqsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\windows\system32\mqtgsvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\wscntfy.exe c:\windows\ehome\ehmsas.exe c:\windows\system32\rundll32.exe c:\program files\HP\Digital Imaging\bin\hpqimzone.exe . ************************************************************************** . Heure de fin: 2009-07-04 13:41 - La machine a redémarré ComboFix-quarantined-files.txt 2009-07-04 11:41 ComboFix2.txt 2009-07-04 08:08 Avant-CF: 18 928 775 168 octets libres Après-CF: 18 935 386 112 octets libres Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,3,4,5 435 --- E O F --- 2009-06-11 04:29
Judging by the size of this report, I don't know whether I can uninstall ComboFix now or whether I should wait until I have done other steps?
I also have an external hard drive that I plug into my PC from time to time; in case it is infected, should I wait until I have installed a new antivirus before plugging it back in? Thanks again for everything you are doing for me!!!
-
restarting by itself and Avast not valid????
heldryn replied to a topic by heldryn in Malware analysis and removal
Here is the report: ComboFix 09-07-03.03 - Boubou 04/07/2009 9:45.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.671 [GMT 2:00] Lancé depuis: c:\documents and settings\Boubou\Bureau\TRALALA.exe FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_111111S1RO1S1A -------\Legacy_111111S1RO1S1A -------\Legacy_SK9OU0S -------\Service_sK9Ou0s ((((((((((((((((((((((((((((( Fichiers créés du 2009-06-04 au 2009-07-04 )))))))))))))))))))))))))))))))))))) . 2009-07-03 17:29 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-07-03 17:29 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-07-03 17:29 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe 2009-07-03 13:54 . 2009-07-04 07:58 -------- d--h--w- c:\documents and settings\Boubou\Application Data\drivers 2009-07-03 13:44 . 2009-07-03 13:44 -------- d-----w- c:\program files\NFO viewer 2009-06-27 15:14 . 2009-06-27 15:15 -------- d-----w- c:\program files\CFWebAdvancedU_BOBTV.FR 2009-06-27 14:27 . 2009-06-27 14:27 -------- d-----w- c:\documents and settings\Boubou\Application Data\Playrix Entertainment 2009-06-27 14:23 . 2009-06-27 14:23 -------- d-----w- c:\program files\Common Files 2009-06-27 14:22 . 
2009-06-27 14:23 -------- d-----w- c:\program files\CA VMN Anti-Spyware 2009-06-27 14:22 . 2009-06-29 01:04 -------- d-----w- c:\documents and settings\Boubou\Application Data\EmailNotifier 2009-06-27 14:22 . 2009-06-27 14:23 -------- d-----w- c:\documents and settings\All Users\Application Data\EmailNotifier 2009-06-27 14:22 . 2009-06-27 14:24 -------- d-----w- c:\program files\vmntoolbar 2009-06-27 14:21 . 2009-06-27 14:51 -------- d-----w- c:\documents and settings\Boubou\Application Data\vmntoolbar 2009-06-27 14:21 . 2007-11-06 16:46 106496 ----a-w- c:\documents and settings\Boubou\Application Data\Astro Gemini Software\Screensaver Manager 2.0\Astro Gemini Screensaver Manager.exe 2009-06-27 14:21 . 2007-11-06 16:46 106496 ----a-w- c:\windows\system32\Astro Gemini Screensaver Manager.scr 2009-06-27 14:21 . 2008-01-11 21:36 528384 ----a-w- c:\documents and settings\Boubou\Application Data\Astro Gemini Software\Screensaver Manager 2.0\Data\Manager.exe 2009-06-27 14:20 . 2009-06-27 14:20 -------- d-----w- c:\documents and settings\Boubou\Application Data\Astro Gemini Software 2009-06-27 14:19 . 2009-06-27 14:21 -------- d-----w- c:\program files\Astro Gemini Software 2009-06-27 14:01 . 2009-06-27 16:06 -------- d-----w- c:\documents and settings\Boubou\Application Data\Aquatica 3D 2009-06-15 04:11 . 2009-06-15 04:11 1915520 ----a-w- c:\documents and settings\Boubou\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe 2009-06-14 20:24 . 2009-06-14 20:24 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2009-06-14 19:05 . 2009-06-14 19:05 -------- d-sh--w- c:\documents and settings\Boubou\PrivacIE 2009-06-14 18:58 . 2009-06-14 18:58 -------- d-sh--w- c:\documents and settings\Boubou\IETldCache 2009-06-14 18:55 . 2009-06-14 18:55 -------- d-----w- c:\windows\ie8updates 2009-06-14 18:52 . 2009-06-14 18:54 -------- dc-h--w- c:\windows\ie8 2009-06-14 18:07 . 
2009-04-30 21:16 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2009-06-14 18:06 . 2009-04-30 21:16 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2009-06-14 18:03 . 2009-05-12 05:11 102912 ------w- c:\windows\system32\dllcache\iecompat.dll 2009-06-10 19:28 . 2009-06-11 08:49 1878984 ----a-w- c:\documents and settings\Boubou\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe 2009-06-10 00:12 . 2009-06-10 00:13 -------- d-----w- c:\program files\Fichiers communs\Adobe 2009-06-08 14:45 . 2009-06-08 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage 2009-06-07 14:59 . 2009-06-07 14:58 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-06-07 14:57 . 2009-06-07 14:57 152576 ----a-w- c:\documents and settings\Boubou\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-06-07 10:20 . 2009-06-07 10:22 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-06-06 14:40 . 2009-06-06 14:42 -------- d-----w- c:\documents and settings\Boubou\Application Data\foobar2000 2009-06-06 14:40 . 2009-06-06 14:40 -------- d-----w- c:\program files\foobar2000 2009-06-06 14:02 . 2009-01-08 16:00 16640 ----a-w- c:\windows\system32\drivers\AsAudioDevice_351.sys 2009-06-06 14:01 . 2009-06-06 14:01 -------- d-----w- c:\program files\Aimersoft . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-04 08:00 . 2007-05-09 23:02 -------- d-----w- c:\program files\eMule 2009-07-04 08:00 . 2009-05-19 18:58 -------- d-----w- c:\documents and settings\Boubou\Application Data\Skype 2009-07-04 07:20 . 2007-05-09 15:52 -------- d-----w- c:\program files\Wanadoo 2009-07-03 17:05 . 2009-05-19 19:10 -------- d-----w- c:\documents and settings\Boubou\Application Data\skypePM 2009-07-03 14:00 . 
2006-09-13 13:31 54224 -c--a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-27 15:19 . 2007-06-17 22:06 -------- d-----w- c:\documents and settings\Boubou\Application Data\CamfrogWEB 2009-06-11 04:29 . 2008-09-27 11:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-06-07 14:58 . 2006-09-13 21:25 -------- d-----w- c:\program files\Java 2009-06-07 14:40 . 2007-11-28 00:03 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-06-07 14:39 . 2009-02-21 20:41 -------- d-----w- c:\program files\DivX 2009-06-07 14:36 . 2008-12-21 01:45 -------- d-----w- c:\program files\PokerStars.NET 2009-06-07 14:35 . 2006-09-13 21:25 -------- d-----w- c:\program files\Fichiers communs\Sonic Shared 2009-06-07 14:34 . 2006-09-13 21:25 -------- d-----w- c:\program files\Sonic 2009-06-07 14:23 . 2009-03-01 03:48 -------- d-----w- c:\program files\AviSynth 2.5 2009-06-06 12:40 . 2008-08-27 20:54 -------- d-----w- c:\documents and settings\Boubou\Application Data\uTorrent 2009-06-04 09:04 . 2007-05-31 00:22 -------- d-----w- c:\program files\Messenger Plus! Live 2009-06-02 10:21 . 2009-05-28 11:22 -------- d-----w- c:\program files\The GodFather 2009-06-01 17:27 . 2009-06-01 08:24 -------- d-----w- c:\program files\Sony 2009-06-01 16:48 . 2009-06-01 09:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-01 09:07 . 2009-06-01 09:07 -------- d-----w- c:\documents and settings\Boubou\Application Data\Publish Providers 2009-06-01 09:02 . 2009-06-01 09:02 -------- d-----w- c:\documents and settings\Boubou\Application Data\Sony 2009-06-01 00:53 . 2006-06-29 09:24 86956 ----a-w- c:\windows\system32\perfc00C.dat 2009-06-01 00:53 . 2006-06-29 09:24 516868 ----a-w- c:\windows\system32\perfh00C.dat 2009-06-01 00:48 . 2009-06-01 00:48 -------- d-----w- c:\program files\MSBuild 2009-06-01 00:48 . 
2009-06-01 00:48 2272 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-05-31 23:54 . 2009-05-31 23:54 -------- d-----w- c:\program files\Reference Assemblies 2009-05-31 22:59 . 2009-05-31 22:54 52770576 ----a-w- c:\documents and settings\Boubou\Application Data\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe 2009-05-31 22:54 . 2009-05-31 22:54 -------- d-----w- c:\documents and settings\Boubou\Application Data\Sony Setup 2009-05-31 22:52 . 2009-05-31 22:52 -------- d-----w- c:\program files\Sony Setup 2009-05-19 19:10 . 2009-05-19 19:10 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-05-19 18:57 . 2009-05-19 18:57 -------- d-----r- c:\program files\Skype 2009-05-19 18:57 . 2009-05-19 18:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-05-19 18:57 . 2009-05-19 18:57 -------- d-----w- c:\program files\Fichiers communs\Skype 2009-05-13 05:04 . 2006-03-25 04:00 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-08 18:37 . 2009-05-08 18:32 -------- d-----w- c:\program files\VirtualDJ 2009-05-07 15:55 . 2009-05-07 15:55 -------- d-----w- c:\program files\Iolo 2009-05-07 15:33 . 2006-03-25 04:00 348672 ----a-w- c:\windows\system32\localspl.dll 2009-04-19 19:50 . 2006-03-25 04:00 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 14:53 . 2006-03-25 04:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-09 13:26 . 2009-04-09 13:26 861184 ----a-w- c:\documents and settings\All Users\Application Data\EmailNotifier\EmailNotifierAPI.dll 2009-04-09 13:26 . 2009-04-09 13:26 851968 ----a-w- c:\documents and settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2006-08-05 868352]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-15 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-02-23 203928]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-21 24264488]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2006-09-14 5001216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 458752]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-07 148888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-19 102400]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 163840]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-05-27 221184]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 995328]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 1101824]
"WooCnxMon"="c:\progra~1\Wanadoo\CnxMon.exe" [2004-10-13 24576]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-10-13 24576]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\TaskbarIcon.exe" [2004-10-13 49152]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-07-03 81000]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-07-20 1519616]
"MsmqIntCert"="mqrt.dll" - c:\windows\system32\mqrt.dll [2008-04-14 177152]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" - c:\windows\system32\CHDAudPropShortcut.exe [2006-07-27 61952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Boubou\Menu Démarrer\Programmes\Démarrage\
Eurobarre.lnk - c:\program files\Eurobarre\eb.exe [2008-6-12 113664]
OneNote 2007 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-7-6 962661]
Démarrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]
HP Pavilion Webcam Tray Icon.lnk - c:\program files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe [2006-12-24 102400]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2009-2-21 667648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 AsAudioDevice_351;AsAudioDevice_351;c:\windows\system32\drivers\AsAudioDevice_351.sys [06/06/2009 16:02 16640]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [06/06/2006 22:39 61952]
.
Contenu du dossier 'Tâches planifiées'

2009-07-03 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-07-04 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-07-04 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-RegistryMechanic - (no file)
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=64&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: { - c:\program files\Messenger\msmsgs.exe
DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
FF - ProfilePath - c:\documents and settings\Boubou\Application Data\Mozilla\Firefox\Profiles\6m8tvryr.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-04 09:58
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Y??????`?@?????L?@

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1884)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSFR.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\msdtc.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\mqsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\rundll32.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-07-04 10:08 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-07-04 08:08

Avant-CF: 17 926 897 664 octets libres
Après-CF: 18 940 936 192 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,3,4,5
504 --- E O F --- 2009-06-11 04:29

What should I do now? Thanks again!!!
Restarts on its own and Avast not valid????
heldryn posted a topic in Malware analysis and removal
Hello, I'm a novice, and when I tried to open an .exe file it closed Avast, and I can't reopen it even after reinstalling it ;( It tells me "ashAvast is not a valid Win32 application". And before that, for the past month, my videos have been stuttering and the computer restarts on its own 4 or even 5 times in a row. What should I do, please???? Thanks in advance for any help you can give me...