j0j0

Members
  • Content count: 15

Everything posted by j0j0

  1. False hope! Manual update impossible: "échec de l'actualisation de fichier"
  2. I found the updates on the Avira site; I'm installing them manually this time.
  3. Hi, I have a small problem updating AntiVir: "lors de la tentative de lancement de la mise à jour via internet, l'erreur suivante s'est produite : Scheduler not loaded." Otherwise OTM worked; I'll post the report for you after running AntiVir.
  4. Hello Thanos, I wasn't home this weekend, so I'm only replying now. (As for Proxifier and ProxyCap, I installed them myself to try to play on a throttled connection, without success, by the way...) The other day with ComboFix I didn't leave it at that; I think I got the bug because I tried to run it with an active internet connection. So I tried again without the connection. This time ComboFix started, but with a Windows Recovery Console problem, if I remember correctly. So I'm posting the only text file that looks like a report: ComboFix 09-11-19.05 - Administrateur 20/11/2009 3:26:30.1.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.510.284 [GMT 1:00] Lancé depuis: C:\Documents and Settings\Administrateur\Bureau\j0j0.exe AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . No console, no report? Should I follow the new procedure anyway? I didn't find a bug file. Thanks again
  5. I just launched ComboFix; I have a blue window with C:\ in the title bar. And nothing happens... "Note: Don't close the window that just opened, or you'll end up with an empty desktop!" I'm afraid to close the window now...
  6. I hope you won't despair when you see this! Thanks. If you prefer, I can email you a text file with the 3 reports. I'm afraid all the copy-pasting I had to do will make it hard to read...
  7. Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini" Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini" Canon Utilities CameraWindow-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini" Canon Utilities Digital Photo Professional 3.4-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini" Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini" Canon Utilities MyCamera-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini" Canon Utilities Original Data Security Tools-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\Original Data Security Tools\Uninst.ini" Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities Picture Style Editor-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\Picture Style Editor\Uninst.ini" Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities WFT-E1/E2/E3 Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\WFT Utility\Uninst.ini" Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" 
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini" Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe" Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240 DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0} Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE DriverGuide DriverScan-->C:\Program Files\DriverGuide DriverScan\uninstall.exe EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe" foobar2000 v0.9.6.1-->"C:\Program Files\foobar2000\uninstall.exe" _?=C:\Program Files\foobar2000 Free Video to Mp3 Converter version 2.7-->"C:\Program Files\DVDVIDEOSOFT\Free Video to Mp3 Converter\unins000.exe" Freecorder 2.3 (with Skype Call Recording)-->C:\WINDOWS\iun6002.exe "C:\Program Files\Freecorder\irunin.ini" Freecorder Toolbar 3.02 Application-->"C:\WINDOWS\Freecorder Toolbar\uninstall.exe" "/U:C:\Program Files\Freecorder Toolbar\Uninstall\uninstall.xml" Freecorder Toolbar-->C:\PROGRA~1\FREECO~2\UNWISE.EXE C:\PROGRA~1\FREECO~2\INSTALL.LOG Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{3A05B900-A3E7-11DE-A9B7-005056806466} Guitar Pro 4-->MsiExec.exe /X{54A2CFDE-DC70-46E0-92AC-DC88F6303D39} Hattrick Organizer (remove only)-->C:\HattrickOrganizer\Uninstall.exe Hercules Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}\Setup.exe" -l0x40c HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package 
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843} Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Kelly Slater's Pro Surfer-->MsiExec.exe /X{A4479693-378E-49EB-AD5A-C5A8B2BC097A} KnC-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71C554B9-79B7-4B5A-8AF0-C6E5CBE108CC}\setup.exe" -l0x40c -removeonly Ma-Config.com-->MsiExec.exe /X{B312D12A-0320-4462-B6F7-C9B69EB3DB5C} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Media Player Classic fr-->"C:\Program Files\Media Player Classic\uninstall.exe" MicroBR Effect Manager-->MsiExec.exe /I{C864758B-73FC-48AB-98AC-409CAB127F72} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe 
/X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office Standard Edition 2003-->MsiExec.exe /I{9112040C-6000-11D3-8CFE-0150048383C9} Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MultiRes (remove only)-->C:\Program Files\MultiRes\uninstal.exe Open Video Converter version 3.22-->"C:\Program Files\VideoConverter\unins000.exe" OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Outils de Guitare-Online - Accordeur (Version Light), version 2-->"C:\Program Files\Accordeur guitare\unins000.exe" Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} Photomatix Pro version 3.2.5-->"C:\Program Files\PhotomatixPro3\unins000.exe" Pin High Country Club Golf-->C:\PROGRA~1\GAMEHO~1\PINHIG~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\PINHIG~1\INSTALL.LOG PKR-->"C:\Program Files\PKR\uninstall-pkr.exe" PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars Proxifier version 2.7-->"C:\Program 
Files\Proxifier\unins000.exe" ProxyCap-->MsiExec.exe /I{094D498F-466E-4822-97BF-FB43A961B669} QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} Radeon Omega Drivers v4.8.442 Setup Files and Tools-->"C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe" "/U:C:\Program Files\Radeon Omega Drivers\v4.8.442\Omega Uninstall.xml" RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 River Past Audio Converter Pro-->"C:\WINDOWS\Audio Converter Pro Uninstaller.exe" SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_00661025\HXFSETUP.EXE -U -Iqta00665.inf Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Stop Motion Animator 1.1.XP-->"C:\Program Files\Stop Motion Animator\setup\setup.exe" /u TrackMania Nations ESWC 1.7.9-->"C:\Program Files\TrackMania Nations ESWC\unins000.exe" TrackMania Nations Forever-->"C:\Program 
Files\Steam\steam.exe" steam://uninstall/11020 Trophy Bass 2007-->"C:\Program Files\Trophy Bass 2007\uninstall.exe" TVUPlayer 2.3.6.1-->C:\Program Files\TVUPlayer\uninst.exe Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E} Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM-->MsiExec.exe /I{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E} Visual C++ 8.0 MFC (x86) WinSXS MSM-->MsiExec.exe /I{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E} Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM-->MsiExec.exe /I{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E} VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe Winamax Poker (remove only)-->"C:\Program Files\WinamaxPoker\uninst.exe" Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Your Freedom 20071214-01-->C:\Program Files\Your Freedom\Uninstall.exe ======Security center information====== AV: Kaspersky Anti-Virus (disabled) (outdated) ======System event log====== Computer Name: MCE2005 Event Code: 7009 Message: Délai (30000 millisecondes) d'attente pour une connexion du service Service de planification Media Center. 
Record Number: 20673 Source Name: Service Control Manager Time Written: 20091102155914.000000+060 Event Type: erreur User: Computer Name: MCE2005 Event Code: 10005 Message: DCOM a reçu l'erreur "%1053" lors de la mise en route du service ehSched avec les arguments "-Service" pour démarrer le serveur : {4B635ECB-0887-4015-8CA6-D621362F98D1} Record Number: 20672 Source Name: DCOM Time Written: 20091102155913.000000+060 Event Type: erreur User: MCE2005\Administrateur Computer Name: MCE2005 Event Code: 4226 Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées. Record Number: 20671 Source Name: Tcpip Time Written: 20091102152915.000000+060 Event Type: Avertissement User: Computer Name: MCE2005 Event Code: 7000 Message: Le service Service de planification Media Center n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle. Record Number: 20670 Source Name: Service Control Manager Time Written: 20091102152913.000000+060 Event Type: erreur User: Computer Name: MCE2005 Event Code: 7009 Message: Délai (30000 millisecondes) d'attente pour une connexion du service Service de planification Media Center. Record Number: 20669 Source Name: Service Control Manager Time Written: 20091102152913.000000+060 Event Type: erreur User: =====Application event log===== Computer Name: MCE2005 Event Code: 1000 Message: Application défaillante qtplugin.exe, version 1.1.0.0, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0xfb1769db. Record Number: 6219 Source Name: Application Error Time Written: 20091113191145.000000+060 Event Type: erreur User: Computer Name: MCE2005 Event Code: 105 Message: The service was started. Record Number: 6218 Source Name: ATI Smart Time Written: 20091113191119.000000+060 Event Type: Informations User: Computer Name: MCE2005 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. 
Record Number: 6217 Source Name: SecurityCenter Time Written: 20091112201139.000000+060 Event Type: Informations User: Computer Name: MCE2005 Event Code: 1 Message: Record Number: 6216 Source Name: Bonjour Service Time Written: 20091112201138.000000+060 Event Type: Informations User: Computer Name: MCE2005 Event Code: 105 Message: The service was started. Record Number: 6215 Source Name: ATI Smart Time Written: 20091112201132.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Samsung\Samsung PC Studio 3\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0d06 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF-----------------
and the Malwarebytes log:
Malwarebytes' Anti-Malware 1.41 Version de la base de données: 3176 Windows 5.1.2600 Service Pack 2 16/11/2009 04:49:50 mbam-log-2009-11-16 (04-49-50).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 233505 Temps écoulé: 2 hour(s), 28 minute(s), 22 second(s) Processus mémoire infecté(s): 5 Module(s) mémoire infecté(s): 2 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 10 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 199 Processus mémoire infecté(s): C:\WINDOWS\system32\sfhsncf.exe (Trojan.Dropper) -> Unloaded process successfully. C:\WINDOWS\Temp\_ex-08.exe (Trojan.Dropper) -> Unloaded process successfully. 
C:\WINDOWS\system32\qtplugin.exe (Rootkit.Agent) -> Unloaded process successfully. C:\Documents and Settings\Administrateur\restorer32_a.exe (Trojan.FakeAlert) -> Unloaded process successfully. C:\WINDOWS\system32\restorer32_a.exe (Trojan.FakeAlert) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\Documents and Settings\Administrateur\Local Settings\Temp\cvasds0.dll (Spyware.OnlineGames) -> Delete on reboot. C:\WINDOWS\system32\pqrs.tmo (Backdoor.Bredavi) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tdisp.sys (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sfhsncf (Trojan.Dropper) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\promoreg (Trojan.Dropper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\registrymonitor1 (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\registrymonitor1 (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RList (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\restorer32_a (Trojan.FakeAlert) -> Quarantined and deleted successfully. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\restorer32_a (Trojan.FakeAlert) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe rundll32.exe pqrs.tmo printer) Good: (Explorer.exe) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (c:\windows\system32\userinit.exe,C:\Documents and Settings\Administrateur\octanwf.exe \s) Good: (Userinit.exe) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Documents and Settings\All Users.WINDOWS\Application Data\81280423 (Rogue.Multiple) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Documents and Settings\Administrateur\Local Settings\Temp\cvasds0.dll (Spyware.OnlineGames) -> Delete on reboot. C:\WINDOWS\system32\sfhsncf.exe (Trojan.Dropper) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\_ex-08.exe (Trojan.Dropper) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pqrs.tmo (Backdoor.Bredavi) -> Delete on reboot. C:\Documents and Settings\Administrateur\Local Settings\Temp\herss.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\22yj2fy1.exe (Worm.AutoRun) -> Quarantined and deleted successfully. C:\ctu8r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\autorun.inf (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\l61yyp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\ph.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. 
  8. S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-09-28 593920] S2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 103424] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-01 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-06-18 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-06-14 576680] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
Sorry, if I send a reply that is too long it tells me "connection interrupted", I'll continue...
RSIT info : info.txt logfile of random's system information tool 1.06 2009-11-19 16:07:46
  9. ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-12-07 5632] R1 tdisp.sys;tdisp.sys; \??\C:\WINDOWS\system32\tdisp.sys [] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-15 34064] R3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-05 2782208] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-10 1041536] R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-10 200064] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824] R3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-04 28672] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 
usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2007-02-08 2209408] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-10 684800] S3 atimtai;atimtai; C:\WINDOWS\system32\DRIVERS\atimtai.sys [2001-08-23 281728] S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files\GOA\KnC\GameGuard\dump_wmimmc.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys [] S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; 
C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-05 495616] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-08-10 194560] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-04 152984] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iP
  10. "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Documents and Settings\Administrateur\Local Settings\Application Data\F4\ClientUpdater\ClientUpdater.exe"="C:\Documents and Settings\Administrateur\Local Settings\Application Data\F4\ClientUpdater\ClientUpdater.exe:*:Enabled:F4 Game Client Updater" "C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe"="C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro" "C:\WINDOWS\system32\xtsocx.exe"="C:\WINDOWS\system32\xtsocx.exe:*:Enabled:ENABLE" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Documents and Settings\Administrateur\afpfdtc.exe"="C:\Documents and Settings\Administrateur\afpfdtc.exe:*:Enabled:ENABLE" "C:\Documents and Settings\Administrateur\octanwf.exe"="C:\Documents and Settings\Administrateur\octanwf.exe:*:Enabled:ENABLE" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\WINDOWS\system32\sfhsncf.exe"="C:\WINDOWS\system32\sfhsncf.exe:*:Enabled:ENABLE" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" 
      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b096e68-96f8-11dd-a70d-0012f06be270}]
      shell\AutoRun\command - F:\LaunchU3.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec8b826e-16e2-11dd-8587-9bc57b5f4e43}]
      shell\AutoRun\command - G:\l61yyp.exe
      shell\open\command - G:\l61yyp.exe

      ======List of files/folders created in the last 1 months======

      2009-11-19 16:07:23 ----D---- C:\Program Files\trend micro
      2009-11-19 16:07:20 ----D---- C:\rsit
      2009-11-19 15:59:00 ----A---- C:\WINDOWS\system32\photo_id.exe
      2009-11-16 02:27:47 ----SHD---- C:\Config.Msi
      2009-11-16 02:08:03 ----D---- C:\WINDOWS\pss
      2009-11-16 01:55:13 ----D---- C:\Qoobox
      2009-11-16 01:55:12 ----A---- C:\Bug.txt
      2009-11-16 01:54:54 ----D---- C:\32788R22FWJFW
      2009-11-16 01:54:36 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
      2009-11-16 01:54:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
      2009-11-16 01:54:25 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
      2009-11-16 01:52:05 ----A---- C:\WINDOWS\ntbtlog.txt
      2009-11-08 17:22:53 ----D---- C:\Program Files\WinPcap
      2009-11-07 12:42:49 ----D---- C:\Program Files\Microsoft
      2009-11-07 12:41:51 ----D---- C:\Program Files\Windows Live SkyDrive
      2009-11-07 12:04:22 ----D---- C:\Program Files\Fichiers communs\Windows Live

      ======List of files/folders modified in the last 1 months======

      2009-11-19 16:07:23 ----D---- C:\Program Files
      2009-11-19 16:07:17 ----D---- C:\WINDOWS\Prefetch
      2009-11-19 16:01:13 ----D---- C:\Program Files\Mozilla Firefox
      2009-11-19 15:59:00 ----AD---- C:\WINDOWS\system32
      2009-11-19 15:58:50 ----D---- C:\WINDOWS\Temp
      2009-11-19 15:51:47 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
      2009-11-19 05:52:13 ----A---- C:\WINDOWS\SchedLgU.Txt
      2009-11-19 02:42:26 ----D---- C:\Program Files\PokerStars
      2009-11-18 20:34:12 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt
      2009-11-18 09:25:01 ----D---- C:\Program Files\WinamaxPoker
      2009-11-18 09:05:08 ----D---- C:\WINDOWS\system32\CatRoot2
      2009-11-18 09:01:43 ----D---- C:\WINDOWS\Registration
      2009-11-18 09:01:40 ----D---- C:\WINDOWS
      2009-11-17 04:01:43 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
      2009-11-16 17:24:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\Winamp
      2009-11-16 02:46:05 ----SHD---- C:\WINDOWS\Installer
      2009-11-16 02:45:09 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
      2009-11-16 02:42:34 ----AD---- C:\WINDOWS\system32\drivers
      2009-11-16 02:40:54 ----HD---- C:\WINDOWS\inf
      2009-11-16 02:13:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
      2009-11-16 02:10:16 ----SH---- C:\boot.ini
      2009-11-16 02:10:16 ----A---- C:\WINDOWS\win.ini
      2009-11-16 02:10:16 ----A---- C:\WINDOWS\system.ini
      2009-11-08 23:43:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
      2009-11-07 12:42:03 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
      2009-11-07 12:42:02 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
      2009-11-07 12:41:16 ----RSD---- C:\WINDOWS\Fonts
      2009-11-07 12:41:07 ----D---- C:\Program Files\Windows Live
      2009-11-07 12:04:22 ----D---- C:\Program Files\Fichiers commu
  11. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
      Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
      Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-04 34816]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
      JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-04 73728]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2009-09-10 2215960]
      {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-02-11 365960]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
      "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392]
      ""= []
      "DownloadAccelerator"=C:\Program Files\DAP\DAP.EXE [2008-06-13 3053056]
      "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
      "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-04 136600]
      "AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2006-02-22 344064]
      "DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
      "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-07-10 185632]
      "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
      "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
      "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
      "Ask and Record FLV Service"=C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe [2009-03-10 156672]
      "r7vejjwtdn8t"=C:\WINDOWS\system32\r7vejjttdnou.exe [2009-10-07 336896]
      "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
      "photo_id"=C:\WINDOWS\system32\photo_id.exe [2009-11-19 60012]
      "Regedit32"=C:\WINDOWS\system32\regedit.exe []

      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]
      "photo_id"=C:\WINDOWS\system32\config\system [2009-11-19 6815744]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\81280423]
      C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\81280423\81280423.exe []

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgif32]
      C:\WINDOWS\Temp\wpv791257179558.exe []

      C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
      sysupd32.exe

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
      C:\WINDOWS\system32\Ati2evxx.dll [2007-12-05 122880]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
      "dontdisplaylastusername"=0
      "legalnoticecaption"=
      "legalnoticetext"=
      "shutdownwithoutlogon"=1
      "undockwithoutlogon"=1
      "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
      "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
      "NoDriveTypeAutoRun"=145

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
      "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
      "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
      "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
      "C:\Program Files\TVUPlayer\TVUPlayer.exe"="C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
      "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
      "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
      "C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
      "C:\Program Files\Steam\steamapps\common\trackmania nations forever\TmForever.exe"="C:\Program Files\Steam\steamapps\common\trackmania nations forever\TmForever.exe:*:Enabled:TmForever"
      "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
      "C:\Pr
  12. O4 - HKCU\..\Run: [photo_id] C:\WINDOWS\system32\config\systemprofile\photo_id.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: sysupd32.exe
      O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
      O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
      O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (HKCU)
      O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (HKCU)
      O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\r7vejjutdn8u.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
      O10 - Unknown file in Winsock LSP: w2pxdrv.dll
      O10 - Unknown file in Winsock LSP: w2pxdrv.dll
      O10 - Unknown file in Winsock LSP: w2pxdrv.dll
      O10 - Unknown file in Winsock LSP: w2pxdrv.dll
      O10 - Unknown file in Winsock LSP: w2pxdrv.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\r7vejjutdn8u.dll
      O14 - IERESET.INF: START_PAGE_URL=www.generation-nt.com
      O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1213127469359
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
      O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

      -- End of file - 9342 bytes

      ======Scheduled tasks folder======

      C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

      ======Registry dump======

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
      Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
      Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2009-09-10 2215960]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
      AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-02-11 365960]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
      Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-05-04 320920]

      [HKEY_LO
  13. Here are the 3 reports:

      RSIT log:

      Logfile of random's system information tool 1.06 (written by random/random)
      Run by Administrateur at 2009-11-19 16:07:20
      Microsoft Windows XP Professionnel Service Pack 2
      System drive C: has 28 GB (29%) free of 95 GB
      Total RAM: 510 MB (43% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 16:07:42, on 19/11/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\ehome\ehtray.exe
      C:\Program Files\DAP\DAP.EXE
      C:\Program Files\Winamp\winampa.exe
      C:\Program Files\D-Tools\daemon.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
      C:\WINDOWS\system32\r7vejjttdnou.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Canon\CAL\CALMAIN.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\system32\wbem\wmiapsrv.exe
      C:\Program Files\Java\jre6\bin\jqsnotify.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\photo_id.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Java\jre6\bin\jqsnotify.exe
      C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\trend micro\Administrateur.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.generation-nt.com
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
      O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
      O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
      O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
      O4 - HKLM\..\Run: [r7vejjwtdn8t] C:\WINDOWS\system32\r7vejjttdnou.exe
      O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
      O4 - HKLM\..\Run: [photo_id] C:\WINDOWS\system32\photo_id.exe
      O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
      O4 - HKCU\..\Run: [CTFMON.EXE]
  14. Hello Thanos. Thank you for trying to help me with my PC. There is news. While browsing the net I found a procedure that let me get rid of Security Tools, thanks to safe mode (so yes, it works!). Here is the procedure described; I did not run ComboFix at the end! http://www.malekal.com/SecurityTool.php So I no longer have the problem of the Security Tools alerts, and I have recovered my desktop and my programs! But I think some problems remain; shall I post you a HijackThis log made in safe mode? I'm in no hurry! Thanks again for sharing your time
  15. Hello everyone, Having seen that you know Security Tool, I am taking the liberty of posting here, on your forum. I can do almost nothing on my PC: no more desktop, impossible to run any software, impossible to read a CD. I would just like to be able to get CD reading back so I can reinstall XP; the drive is detected but not the CDs! Thank you for trying to help me