nissou2008

Bonjour, pour l'instant le pc va super bien, tout semble normal . merci beaucoup pour votre aide et bon courage.

bonjour, merci ma rhaja, je suis déjà passé par cette étape, l'état de ma machine est beaucoup mieux, j'attends juste les commentaires de pear sur le dernier rapport. merci quand même.

bonjour, j'avais copié le contenu du rapport le jeudi, en ouvrant ce matin je ne le trouve pas!! peut être que vous n'avez pas reçu, alors je refais. merci. All processes killed ========== FILES ========== LoadLibrary failed for C:\WINDOWS\system32\cvicvyyv.dll File move failed. C:\WINDOWS\system32\cvicvyyv.dll scheduled to be moved on reboot. ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 236 bytes ->Temporary Internet Files folder emptied: 10074221 bytes ->Java cache emptied: 3496300 bytes ->FireFox cache emptied: 30351790 bytes ->Google Chrome cache emptied: 50631478 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 201679 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114937 bytes %systemroot%\System32 .tmp files removed: 3072 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 96 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 34816 bytes Total Files Cleaned = 93.00 mb OTM by OldTimer - Version 3.1.7.0 log created on 01282010_154327 Files moved on Reboot... File move failed. C:\WINDOWS\system32\cvicvyyv.dll scheduled to be moved on reboot. Registry entries deleted on Reboot...

j'ai réessayé plusieurs fois, avec IE, google chrome et j'ai même téléchargé firefox, ça ne marche pas!!! désolée de vous embêter comme ça!! (par contre une collègue ça a marché pour elle l'affichage du site ) merci.

bonjour; je n'ai pas pu afficher la page virustotal, 'lien interrompu', apparemment ma connexion ne le permets pas!! j'ai affiché une copie avec google, mais j'ai pas pu envoyer le fichier!! merci. plutôt 'lien corrompu' .

j'ai posté mais je vois rien afficher alors je refais! alors j'ai fais le scan, et voici le rapport: Avira AntiVir Personal Report file date: 27 جانفييه, 2010 12:35 Scanning for 1369550 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Save mode Username: Administrateur Computer name: DSI208SAIDA Version information: BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 11:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 14:54:15 ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 06:20:53 ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 10:24:47 Engineversion : 8.1.1.6 AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 09:46:50 AESCRIPT.DLL : 8.1.0.46 283002 Bytes 08/07/2008 07:33:29 AESCN.DLL : 8.1.0.22 119157 Bytes 09/07/2008 09:46:50 AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 09:46:50 AEPACK.DLL : 8.1.1.6 364918 Bytes 09/07/2008 09:46:50 AEOFFICE.DLL : 8.1.0.20 192891 Bytes 09/07/2008 09:46:50 AEHEUR.DLL : 8.1.0.35 1298806 Bytes 08/07/2008 07:33:29 AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 09:46:50 AEGEN.DLL : 8.1.0.29 307573 Bytes 09/07/2008 09:46:50 AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 09:46:50 AECORE.DLL : 8.1.1.3 172404 Bytes 09/07/2008 09:46:50 AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 09:50:42 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01 AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 15:35:20 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: quarantine Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, E:, F:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: 27 جانفييه, 2010 12:35 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'E:\' [iNFO] No virus was found! Boot sector 'F:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '59' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_0000a9 [0] Archive type: RAR SFX (self extracting) --> 32788R22FWJFW\pv.com [DETECTION] Contains recognition pattern of the SPR/Tool.PV program --> 32788R22FWJFW\hidec.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Hide.A program --> 32788R22FWJFW\n.pif [DETECTION] The file contains an executable program that is disguised by a harmless file extension (HIDDENEXT/Crypted) --> 32788R22FWJFW\License\pv_5_2_2.zip [1] Archive type: ZIP --> pv.exe [DETECTION] Contains recognition pattern of the SPR/Tool.PV program [NOTE] The file was moved to '4b902659.qua'! C:\Documents and Settings\Administrateur\Mes documents\Downloads\24781-CF.exe [0] Archive type: RAR SFX (self extracting) --> 32788R22FWJFW\pv.com [DETECTION] Contains recognition pattern of the SPR/Tool.PV program --> 32788R22FWJFW\hidec.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Hide.A program --> 32788R22FWJFW\n.pif [DETECTION] The file contains an executable program that is disguised by a harmless file extension (HIDDENEXT/Crypted) --> 32788R22FWJFW\License\pv_5_2_2.zip [1] Archive type: ZIP --> pv.exe [DETECTION] Contains recognition pattern of the SPR/Tool.PV program [NOTE] The file was moved to '4b97263e.qua'! C:\Qoobox\Quarantine\C\WINDOWS\system32\pjbfqyoz.dll.vir [DETECTION] Is the TR/Killav.28714 Trojan [NOTE] The file was moved to '4bc22ba5.qua'! C:\Qoobox\Quarantine\E\8paf1d.com.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bc12bac.qua'! C:\Qoobox\Quarantine\E\y6yol.exe.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bd92b73.qua'! C:\Qoobox\Quarantine\F\8paf1d.com.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bc12bae.qua'! C:\Qoobox\Quarantine\F\y6yol.exe.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bd92b76.qua'! C:\WINDOWS\system32\cvicvyyv.dll [WARNING] The file could not be opened! Begin scan in 'E:\' Begin scan in 'F:\' F:\Utilitaires\toad 8.0 sur Oracle Database Administrator (10.7.0.154)\toad 8.0 sur Oracle Database Administrator (10.7.0.154).rar [0] Archive type: RAR --> Quest[1] Toad For Oracle Xpert v8.0-Ror\Quest.Toad.for.Oracle.Xpert.v8.0-ROR\keygen.exe [DETECTION] Is the TR/Agent.34880.A Trojan [NOTE] The file was moved to '4bc1388c.qua'! End of the scan: 27 جانفييه, 2010 13:57 Used time: 1:21:57 Hour(s) The scan has been done completely. 11780 Scanning directories 602700 Files were scanned 14 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 8 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 602684 Files not concerned 9001 Archives were scanned 2 Warnings 8 Notes Merci.

bonjour, j'ai effectué un scan en mode sans échec et voici le rapport: merci. Avira AntiVir Personal Report file date: 27 جانفييه, 2010 12:35 Scanning for 1369550 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Save mode Username: Administrateur Computer name: DSI208SAIDA Version information: BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 11:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 14:54:15 ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 06:20:53 ANTIVIR3.VDF : 7.0.5.23 17408 Bytes 30/06/2008 10:24:47 Engineversion : 8.1.1.6 AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 09:46:50 AESCRIPT.DLL : 8.1.0.46 283002 Bytes 08/07/2008 07:33:29 AESCN.DLL : 8.1.0.22 119157 Bytes 09/07/2008 09:46:50 AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 09:46:50 AEPACK.DLL : 8.1.1.6 364918 Bytes 09/07/2008 09:46:50 AEOFFICE.DLL : 8.1.0.20 192891 Bytes 09/07/2008 09:46:50 AEHEUR.DLL : 8.1.0.35 1298806 Bytes 08/07/2008 07:33:29 AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 09:46:50 AEGEN.DLL : 8.1.0.29 307573 Bytes 09/07/2008 09:46:50 AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 09:46:50 AECORE.DLL : 8.1.1.3 172404 Bytes 09/07/2008 09:46:50 AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 09:50:42 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01 AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 15:35:20 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: quarantine Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, E:, F:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: 27 جانفييه, 2010 12:35 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'E:\' [iNFO] No virus was found! Boot sector 'F:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '59' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_0000a9 [0] Archive type: RAR SFX (self extracting) --> 32788R22FWJFW\pv.com [DETECTION] Contains recognition pattern of the SPR/Tool.PV program --> 32788R22FWJFW\hidec.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Hide.A program --> 32788R22FWJFW\n.pif [DETECTION] The file contains an executable program that is disguised by a harmless file extension (HIDDENEXT/Crypted) --> 32788R22FWJFW\License\pv_5_2_2.zip [1] Archive type: ZIP --> pv.exe [DETECTION] Contains recognition pattern of the SPR/Tool.PV program [NOTE] The file was moved to '4b902659.qua'! C:\Documents and Settings\Administrateur\Mes documents\Downloads\24781-CF.exe [0] Archive type: RAR SFX (self extracting) --> 32788R22FWJFW\pv.com [DETECTION] Contains recognition pattern of the SPR/Tool.PV program --> 32788R22FWJFW\hidec.exe [DETECTION] Contains recognition pattern of the SPR/Tool.Hide.A program --> 32788R22FWJFW\n.pif [DETECTION] The file contains an executable program that is disguised by a harmless file extension (HIDDENEXT/Crypted) --> 32788R22FWJFW\License\pv_5_2_2.zip [1] Archive type: ZIP --> pv.exe [DETECTION] Contains recognition pattern of the SPR/Tool.PV program [NOTE] The file was moved to '4b97263e.qua'! C:\Qoobox\Quarantine\C\WINDOWS\system32\pjbfqyoz.dll.vir [DETECTION] Is the TR/Killav.28714 Trojan [NOTE] The file was moved to '4bc22ba5.qua'! C:\Qoobox\Quarantine\E\8paf1d.com.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bc12bac.qua'! C:\Qoobox\Quarantine\E\y6yol.exe.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bd92b73.qua'! C:\Qoobox\Quarantine\F\8paf1d.com.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bc12bae.qua'! C:\Qoobox\Quarantine\F\y6yol.exe.vir [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was moved to '4bd92b76.qua'! C:\WINDOWS\system32\cvicvyyv.dll [WARNING] The file could not be opened! Begin scan in 'E:\' Begin scan in 'F:\' F:\Utilitaires\toad 8.0 sur Oracle Database Administrator (10.7.0.154)\toad 8.0 sur Oracle Database Administrator (10.7.0.154).rar [0] Archive type: RAR --> Quest[1] Toad For Oracle Xpert v8.0-Ror\Quest.Toad.for.Oracle.Xpert.v8.0-ROR\keygen.exe [DETECTION] Is the TR/Agent.34880.A Trojan [NOTE] The file was moved to '4bc1388c.qua'! End of the scan: 27 جانفييه, 2010 13:57 Used time: 1:21:57 Hour(s) The scan has been done completely. 11780 Scanning directories 602700 Files were scanned 14 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 8 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 602684 Files not concerned 9001 Archives were scanned 2 Warnings 8 Notes

bonjour, alors j'ai crée un nouveau bloc note CFScript.txt, copié les instructions, et je l'ai glissé sur combofix.exe. voici le rapport: merci. ComboFix 10-01-25.06 - Administrateur 01/27/2010 10:26:21.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.213.1036.18.503.223 [GMT 1:00] Lancé depuis: c:\documents and settings\Administrateur\Mes documents\Downloads\24781-CF.exe Commutateurs utilisés :: c:\qoobox\CFScript.txt.txt AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\windows\system32\01.tmp" "c:\windows\system32\02.tmp" "c:\windows\system32\ezsidmv.dat" "c:\windows\system32\pjbfqyoz.dll" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\01.tmp c:\windows\system32\02.tmp c:\windows\system32\ezsidmv.dat c:\windows\system32\pjbfqyoz.dll . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_W32MAN -------\Service_W32man -------\Service_lgysmmfl ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-27 au 2010-01-27 )))))))))))))))))))))))))))))))))))) . 2010-01-26 09:49 . 2010-01-26 09:49 -------- d-----w- c:\program files\ZHPDiag 2010-01-25 09:19 . 2010-01-25 09:19 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Identities 2010-01-24 14:04 . 2010-01-24 14:04 -------- d-----w- c:\documents and settings\All Users\Application Data\hpqwmi 2010-01-24 13:11 . 2010-01-24 13:13 -------- d-----w- C:\scolr 2010-01-04 14:00 . 2010-01-27 08:17 -------- d-----w- c:\documents and settings\Administrateur\Application Data\skypePM 2010-01-04 14:00 . 2010-01-04 14:00 -------- d-----w- c:\program files\Fichiers communs\Skype 2010-01-04 14:00 . 2010-01-04 14:00 -------- d-----r- c:\program files\Skype . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-27 09:33 . 2010-01-27 09:33 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-01-27 09:16 . 2009-03-14 10:20 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype 2010-01-06 13:15 . 2009-12-06 12:20 1 ----a-w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-01-04 14:00 . 2009-03-14 10:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-01-04 10:44 . 2009-07-29 10:41 -------- d-----w- c:\program files\Google 2009-12-10 12:57 . 2009-12-10 12:57 -------- d-----w- c:\program files\Fichiers communs\xing shared 2009-12-10 12:57 . 2009-11-11 13:37 -------- d-----w- c:\program files\Fichiers communs\Real 2009-12-10 12:55 . 2009-12-10 12:55 12252656 ----a-w- C:\realplayer_realplayer_11.1.3_gold_complet_anglais_182262.exe 2009-12-09 10:43 . 2009-03-11 13:08 96072 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-06 12:19 . 2009-12-06 12:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org 2009-12-06 12:05 . 2009-12-06 12:05 -------- d-----w- c:\program files\OpenOffice.org 3 2009-12-01 15:56 . 2009-12-01 15:56 435720 ----a-w- c:\documents and settings\Administrateur\Application Data\Real\Update\setup3.08\setup.exe 2009-11-18 07:23 . 2004-08-16 10:36 64732 ----a-w- c:\windows\system32\perfc00C.dat 2009-11-18 07:23 . 2004-08-16 10:36 448190 ----a-w- c:\windows\system32\perfh00C.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336] "Google Update"="c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-10 133104] "3gp Player"="c:\program files\3gp Player\3gpPlayer.exe" [2007-09-20 634368] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-29 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-09-30 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-09-30 126976] "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360] "MAKTray"="MAKTray.exe" [2004-08-27 287232] "SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "LayoutM"="KLayMgr.exe" [2004-08-16 45056] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "HyperappelPL2003"="c:\program files\Larousse\Petit Larousse 2004\bin\HiPL2002popup.exe" [2003-07-04 122880] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-12-10 198160] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "f:\\oracle\\ora92\\Apache\\Apache\\Apache.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R2 OracleOraHome92HTTPServer;OracleOraHome92HTTPServer;f:\oracle\ora92\Apache\Apache\Apache.exe [18-04-2002 22:02 4096] R2 OracleServiceBASE;OracleServiceBASE;f:\oracle\ora92\bin\ORACLE.EXE BASE --> f:\oracle\ora92\bin\ORACLE.EXE BASE [?] S2 OracleOraHome92Agent;OracleOraHome92Agent;f:\oracle\ora92\bin\agntsrvc.exe [26-04-2002 17:29 28944] S3 Oracledev_formsClientCache80;Oracledev_formsClientCache80;f:\dev\forms\BIN\ONRSD80.EXE [27-10-2000 13:45 101136] S3 OracleOraHome92SNMPPeerEncapsulator;OracleOraHome92SNMPPeerEncapsulator;f:\oracle\ora92\bin\encsvc.exe [13-02-2002 8:23 187392] S3 OracleOraHome92SNMPPeerMasterAgent;OracleOraHome92SNMPPeerMasterAgent;f:\oracle\ora92\bin\agntsvc.exe [13-02-2002 8:23 254464] S4 OracleReportServer-Rep60_DSI208SAIDA-dev_forms;Oracle Reports Server [Rep60_DSI208SAIDA-dev_forms];f:\dev\forms\BIN\RWMTS60.EXE [27-10-2000 13:38 110592] . Contenu du dossier 'Tâches planifiées' 2010-01-27 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-29 10:41] 2010-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-29 10:41] 2010-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-29 10:41] 2010-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511949088-2501407886-2894658554-500Core.job - c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-10 07:10] 2010-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511949088-2501407886-2894658554-500UA.job - c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-10 07:10] . . ------- Examen supplémentaire ------- . uStart Page = about:blank uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html . ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome92PagingServer] "ImagePath"="f:\oracle\ora92/bin/pagntsrv.exe" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome92TNSListener] "ImagePath"="f:\oracle\ora92\BIN\TNSLSNR " . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3204) c:\windows\system32\browselc.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\windows\system32\msiexec.exe f:\oracle\ora92\bin\omtsreco.exe f:\oracle\ora92\BIN\TNSLSNR.exe f:\oracle\ora92\bin\ORACLE.EXE c:\program files\Analog Devices\SoundMAX\SMAgent.exe f:\oracle\ora92\jdk\bin\java.exe f:\oracle\ora92\jdk\bin\java.exe f:\oracle\ora92\bin\isqlplus c:\windows\MAKTray.exe c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\OpenOffice.org 3\program\soffice.bin c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\Skype\Plugin Manager\skypePM.exe . ************************************************************************** . Heure de fin: 2010-01-27 10:36:18 - La machine a redémarré ComboFix-quarantined-files.txt 2010-01-27 09:36 ComboFix2.txt 2010-01-26 13:45 Avant-CF: 8,743,235,584 octets libres Après-CF: 8,715,317,248 octets libres - - End Of File - - 2758253CA0615ED3786FE4C1BDD80F7C

j'ai trouvé le répertoire Qoobox, mais quel bloc note ouvrir, merci.

bonjour, SVP, où est ce que j'ouvre combofix (j'exécute ce que j'ai téléchargé, 24781-CF.exe?) j'ai pas compris!! merci.

merci beaucoup, je dois quitter maintenant, je termine la procédure demain et je vous poste le rapport. merci encore une fois. PS: je vois déjà une grande amélioration, j'ai pu supprimé nouveau dossier.exe, je peux entrer dans le disque en double cliquant (alors que je devais faire un clic droit, explorer) cordialement.

Bonjour, cette fois ça a marché. voici le rapport entier: merci. ComboFix 10-01-25.06 - Administrateur 01/26/2010 14:32:53.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.213.1036.18.503.97 [GMT 1:00] Lancé depuis: c:\documents and settings\Administrateur\Mes documents\Downloads\24781-CF.exe AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\0bcobed.exe C:\2.bat C:\28b6ry9r.exe C:\2a.exe C:\2nuk.com C:\3.cmd C:\6phx.com C:\APHQG.EXE C:\Autorun.inf C:\cahpcg.cmd C:\cb.exe c:\docume~1\ADMINI~1\LOCALS~1\Temp\install_flash_player.exe C:\ej10fkdo.bat C:\em8tqm.cmd C:\eyt.exe C:\fbak.exe C:\fsaht.cmd C:\gpcdt.cmd C:\hifdmgt.com C:\icxpa.cmd C:\jm3cx96.bat C:\luk1ylq.com C:\metdgv.bat C:\minm.cmd C:\n68mqcra.exe C:\Nouveau dossier.exe C:\nu.cmd C:\q9.cmd C:\r6d0.bat c:\recycler\S-1-5-21-1077907795-1819500294-3187226832-500 C:\RunVer.exe C:\sm.exe C:\sv8c2bjw.bat C:\u.com C:\ukvr.bat C:\uxkl0apt.bat c:\windows\AhnRpta.exe c:\windows\obj0401.reg c:\windows\obj0404.reg c:\windows\obj0405.reg c:\windows\obj040d.reg c:\windows\obj040e.reg c:\windows\obj0411.reg c:\windows\obj0412.reg c:\windows\obj0415.reg c:\windows\obj0419.reg c:\windows\obj041e.reg c:\windows\obj0804.reg c:\windows\RunVer.exe c:\windows\system32\autorun.ini c:\windows\system32\e8main0.dll c:\windows\system32\e8main1.dll c:\windows\system32\nmdfgds0.dll c:\windows\system32\nmdfgds1.dll c:\windows\system32\nmdfgds2.dll c:\windows\system32\olhrwef.exe c:\windows\system32\RunVer.exe c:\windows\system32\Ver.exe C:\xdglur.bat C:\ysep1.exe E:\0bcobed.exe E:\28b6ry9r.exe E:\2a.exe E:\2nuk.com E:\3.cmd E:\6phx.com E:\8paf1d.com E:\aphqg.exe E:\autorun.inf E:\cahpcg.cmd E:\cb.exe E:\ej10fkdo.bat E:\em8tqm.cmd E:\eyt.exe E:\fbak.exe E:\fsaht.cmd E:\gpcdt.cmd E:\hifdmgt.com E:\icxpa.cmd E:\jm3cx96.bat E:\luk1ylq.com E:\metdgv.bat E:\minm.cmd E:\n68mqcra.exe E:\nu.cmd E:\q9.cmd E:\r6d0.bat E:\sm.exe E:\sv8c2bjw.bat E:\u.com E:\ukvr.bat E:\uxkl0apt.bat E:\xdglur.bat E:\y6yol.exe E:\ysep1.exe F:\0bcobed.exe F:\28b6ry9r.exe F:\2a.exe F:\2nuk.com F:\3.cmd F:\6phx.com F:\8paf1d.com F:\aphqg.exe F:\autorun.inf F:\cahpcg.cmd F:\cb.exe F:\ej10fkdo.bat F:\em8tqm.cmd F:\eyt.exe F:\fbak.exe F:\fsaht.cmd F:\gpcdt.cmd F:\hifdmgt.com F:\icxpa.cmd F:\jm3cx96.bat F:\luk1ylq.com F:\metdgv.bat F:\minm.cmd F:\n68mqcra.exe F:\nu.cmd F:\q9.cmd F:\r6d0.bat F:\sm.exe F:\sv8c2bjw.bat F:\u.com F:\ukvr.bat F:\uxkl0apt.bat F:\xdglur.bat F:\y6yol.exe F:\ysep1.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_AVPsys ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-26 au 2010-01-26 )))))))))))))))))))))))))))))))))))) . 2010-01-26 12:25 . 2010-01-26 13:01 -------- d-----w- C:\UsbFix 2010-01-26 09:49 . 2010-01-26 09:49 -------- d-----w- c:\program files\ZHPDiag 2010-01-25 09:19 . 2010-01-25 09:19 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Identities 2010-01-24 14:04 . 2010-01-24 14:04 -------- d-----w- c:\documents and settings\All Users\Application Data\hpqwmi 2010-01-24 13:11 . 2010-01-24 13:13 -------- d-----w- C:\scolr 2010-01-04 14:00 . 2010-01-04 14:00 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-01-04 14:00 . 2010-01-26 08:09 -------- d-----w- c:\documents and settings\Administrateur\Application Data\skypePM 2010-01-04 14:00 . 2010-01-04 14:00 -------- d-----w- c:\program files\Fichiers communs\Skype 2010-01-04 14:00 . 2010-01-04 14:00 -------- d-----r- c:\program files\Skype . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-26 13:23 . 2009-03-14 10:20 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype 2010-01-06 13:15 . 2009-12-06 12:20 1 ----a-w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-01-04 14:00 . 2009-03-14 10:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-01-04 10:44 . 2009-07-29 10:41 -------- d-----w- c:\program files\Google 2009-12-10 12:57 . 2009-12-10 12:57 -------- d-----w- c:\program files\Fichiers communs\xing shared 2009-12-10 12:57 . 2009-11-11 13:37 -------- d-----w- c:\program files\Fichiers communs\Real 2009-12-10 12:55 . 2009-12-10 12:55 12252656 ----a-w- C:\realplayer_realplayer_11.1.3_gold_complet_anglais_182262.exe 2009-12-09 10:43 . 2009-03-11 13:08 96072 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-06 12:19 . 2009-12-06 12:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org 2009-12-06 12:05 . 2009-12-06 12:05 -------- d-----w- c:\program files\OpenOffice.org 3 2009-12-01 15:56 . 2009-12-01 15:56 435720 ----a-w- c:\documents and settings\Administrateur\Application Data\Real\Update\setup3.08\setup.exe 2009-11-18 07:23 . 2004-08-16 10:36 64732 ----a-w- c:\windows\system32\perfc00C.dat 2009-11-18 07:23 . 2004-08-16 10:36 448190 ----a-w- c:\windows\system32\perfh00C.dat 2009-03-17 08:05 . 2009-03-17 08:05 109568 --sha-r- c:\windows\system32\pjbfqyoz.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336] "Google Update"="c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-10 133104] "3gp Player"="c:\program files\3gp Player\3gpPlayer.exe" [2007-09-20 634368] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-29 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-09-30 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-09-30 126976] "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360] "MAKTray"="MAKTray.exe" [2004-08-27 287232] "SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "LayoutM"="KLayMgr.exe" [2004-08-16 45056] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "HyperappelPL2003"="c:\program files\Larousse\Petit Larousse 2004\bin\HiPL2002popup.exe" [2003-07-04 122880] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-12-10 198160] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "f:\\oracle\\ora92\\Apache\\Apache\\Apache.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R2 OracleOraHome92HTTPServer;OracleOraHome92HTTPServer;f:\oracle\ora92\Apache\Apache\Apache.exe [18-04-2002 22:02 4096] R2 OracleServiceBASE;OracleServiceBASE;f:\oracle\ora92\bin\ORACLE.EXE BASE --> f:\oracle\ora92\bin\ORACLE.EXE BASE [?] S2 OracleOraHome92Agent;OracleOraHome92Agent;f:\oracle\ora92\bin\agntsrvc.exe [26-04-2002 17:29 28944] S2 W32man;Shell Config;c:\windows\system32\svchost.exe -k netsvcs [04-08-2004 8:55 14336] S3 cjwex;cjwex;c:\windows\system32\01.tmp [15-03-2009 12:02 4096] S3 lgysmmfl;lgysmmfl;c:\windows\system32\01.tmp [15-03-2009 12:02 4096] S3 Oracledev_formsClientCache80;Oracledev_formsClientCache80;f:\dev\forms\BIN\ONRSD80.EXE [27-10-2000 13:45 101136] S3 OracleOraHome92SNMPPeerEncapsulator;OracleOraHome92SNMPPeerEncapsulator;f:\oracle\ora92\bin\encsvc.exe [13-02-2002 8:23 187392] S3 OracleOraHome92SNMPPeerMasterAgent;OracleOraHome92SNMPPeerMasterAgent;f:\oracle\ora92\bin\agntsvc.exe [13-02-2002 8:23 254464] S3 ujjlbrg;ujjlbrg;c:\windows\system32\02.tmp [15-03-2009 12:06 4096] S4 OracleReportServer-Rep60_DSI208SAIDA-dev_forms;Oracle Reports Server [Rep60_DSI208SAIDA-dev_forms];f:\dev\forms\BIN\RWMTS60.EXE [27-10-2000 13:38 110592] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs W32man . Contenu du dossier 'Tâches planifiées' 2010-01-26 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-29 10:41] 2010-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-29 10:41] 2010-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-29 10:41] 2010-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511949088-2501407886-2894658554-500Core.job - c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-10 07:10] 2010-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511949088-2501407886-2894658554-500UA.job - c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-10 07:10] . . ------- Examen supplémentaire ------- . uStart Page = about:blank uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-RunVer - c:\windows\system32\RunVer.exe ShellExecuteHooks-{BB4C402F-882A-4526-8C08-51278EA437C1} - c:\windows\system32\e8main1.dll ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-26 14:42 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cjwex] "ImagePath"="\??\c:\windows\system32\01.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lgysmmfl] "ImagePath"="\??\c:\windows\system32\01.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome92PagingServer] "ImagePath"="f:\oracle\ora92/bin/pagntsrv.exe" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome92TNSListener] "ImagePath"="f:\oracle\ora92\BIN\TNSLSNR " [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ujjlbrg] "ImagePath"="\??\c:\windows\system32\02.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32man] "ServiceDll"="c:\windows\system32\pjbfqyoz.dll" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3588) c:\windows\system32\browselc.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\windows\MAKTray.exe c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\OpenOffice.org 3\program\soffice.bin c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\windows\system32\msiexec.exe f:\oracle\ora92\bin\omtsreco.exe f:\oracle\ora92\BIN\TNSLSNR.exe f:\oracle\ora92\bin\ORACLE.EXE f:\oracle\ora92\jdk\bin\java.exe f:\oracle\ora92\jdk\bin\java.exe f:\oracle\ora92\bin\isqlplus c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\Skype\Plugin Manager\skypePM.exe . ************************************************************************** . Heure de fin: 2010-01-26 14:45:17 - La machine a redémarré ComboFix-quarantined-files.txt 2010-01-26 13:45 Avant-CF: 8,281,337,856 octets libres Après-CF: 8,551,702,528 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - AFCE8B9970F5F817E221533CEA9F80FB

bonjour, pas de soucis ma 'rhaja. sinon, désolée une autre fois ça ne marche pas, j'ai téléchargé UsbFix, mais à l'exécution rien ne se passe merci.

bonjour, c'est encore moi, ça bloque toujours mais j'ai réussi quand même à copier le rapport, le voici: Rapport de ZHPDiag v1.25.03 par Nicolas Coolman Run by Administrateur at 26-01-2010 10:59:58 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html Platform : Microsoft Windows XP (5.1.2600) Service Pack 2 MSIE: Internet Explorer v6.0.2900.2180 Boot mode: Normal (Normal boot) Total RAM: 503.4 MB (26% free) System drive C: has 7 GB (41%) free of 17 GB ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 17 Go) D:\ CD-ROM drive (Inserted) E:\ Hard drive, Flash drive, Thumb drive (Free 21 Go of 22 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 21 Go of 35 Go) G:\ Floppy drive, Flash card reader, USB Key (Inserted) ---\\ Processus lancés [MD5.27ADECD949700806EA6D0BD632CEAC67] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [MD5.9EF0F0CC9B413783C0B79D850CDF10B3] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [MD5.00EC08331DEF75C56A62DBBFD3BE47F5] - (.Analog Devices, Inc. - SoundMAX System Tray.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [MD5.0FFA9E2711A0228467BF08228D5B620F] - (.Hewlett-Packard Company - SetRefresh.) -- C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [MD5.1B17E09C1223F6D17336D2DD7A1AF4F4] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [MD5.6E812818306D460D62B4ABEA9FDC6679] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [MD5.C0BF5F3E6CEAAACD939F9C9681CF1960] - (.Pas de propriétaire - HIPL2000Popup MFC Application.) -- C:\Program Files\Larousse\Petit Larousse 2004\bin\HiPL2002popup.exe [MD5.5676E75F98FF8E0F81DFF604A09288BB] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [MD5.5584247B568C2E53934873F4B655FE6A] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [MD5.BF9EAB227D409CE1E75C23BB10CF5DBC] - (.Skype Technologies S.A. - Skype .) -- C:\Program Files\Skype\Phone\Skype.exe [MD5.626A24ED1228580B9518C01930936DF9] - (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.8838600222E73EEC7D6B73875D9E890B] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\3gp Player\3gpPlayer.exe [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [MD5.F5C9BB8866B38501D185D0CA5EE388C4] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\RunVer.exe [MD5.9773E0650E0BAB7AE161D2A0ECC7678A] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [MD5.C17761C7381E028EBCA071944A97EB3E] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [MD5.1BD6C2F707A275CB7C16FD99FE0F31CA] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [MD5.732E0B1ABAACE15D80EC19056B0A2AF9] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [MD5.626A24ED1228580B9518C01930936DF9] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.3FD5F79AA40B1C244C59DE984E98DC37] - (.Google - gusvc.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [MD5.EBF51A52CF3EDA53664402E2DC60D631] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [MD5.9E0EC06E024B152C4EC3DA0E6F2C87F3] - (.Oracle Corporation - Oracle MTS Recovery Service.) -- F:\oracle\ora92\bin\omtsreco.exe [MD5.B602C8D5554FCB17DFEDDCF5696CE8C6] - (.Oracle Corporation - Oracle Intelligent Agent Executable.) -- F:\oracle\ora92\bin\agntsrvc.exe [MD5.0503AC4BC3581BCC782EF8B38C3FD059] - (.Pas de propriétaire - Pas de description.) -- F:\oracle\ora92\BIN\ONRSD.EXE [MD5.5C5AFA3DC62A19E00728BDB11C0300A9] - (.Pas de propriétaire - Pas de description.) -- F:\oracle\ora92\Apache\Apache\apache.exe [MD5.9F3744A5C6F49291A7A685040A013399] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [MD5.3978F082274F723AD5A0A8058C2417DD] - (.Analog Devices, Inc. - SoundMAX service agent component.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [MD5.B4EF928E4FAD79364A80ACBA6D999934] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: Shell=Explorer.exe RunVer.exe ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)) -- C:\WINDOWS\system32\shdocvw.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} . (.Pas de propriétaire - PDFCreator Toolbar.) -- C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} . (.Pas de propriétaire - PDFCreator Toolbar.) -- C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [smapp] . (.Analog Devices, Inc. - SoundMAX System Tray.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [setRefresh] . (.Hewlett-Packard Company - SetRefresh.) -- C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [MSPY2002] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe O4 - HKLM\..\Run: [HyperappelPL2003] . (.Pas de propriétaire - HIPL2000Popup MFC Application.) -- C:\Program Files\Larousse\Petit Larousse 2004\bin\HiPL2002popup.exe O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [cdoosoft] . (.Pas de propriétaire - Pas de description.) -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\olhrwef.exe O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype .) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [3gp Player] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\3gp Player\3gpPlayer.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [RunVer] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\RunVer.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.EXE O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.EXE O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.EXE O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: OpenOffice.org 3.1.lnk . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE O8 - Extra context menu item: Google Sidewiki... - (No file) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (No file) - C:\Program Files\Messenger\msmsgs.exe,302 ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\SHELL32.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\System32\igfxsrvc.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Pas de propriétaire - Pas de description.) -- %SystemRoot%\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ???? ????? Google (gupdate1ca10392566d25a) (gupdate1ca10392566d25a) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Windows Installer (MSIServer) . (.Microsoft Corporation.) - C:\WINDOWS\system32\msiexec.exe O23 - Service: OracleMTSRecoveryService (OracleMTSRecoveryService) . (.Oracle Corporation.) - F:\oracle\ora92\bin\omtsreco.exe O23 - Service: OracleOraHome92Agent (OracleOraHome92Agent) . (.Oracle Corporation.) - F:\oracle\ora92\bin\agntsrvc.exe O23 - Service: OracleOraHome92ClientCache (OracleOraHome92ClientCache) . (.Pas de propriétaire.) - F:\oracle\ora92\BIN\ONRSD.EXE O23 - Service: OracleOraHome92HTTPServer (OracleOraHome92HTTPServer) . (.Pas de propriétaire.) - F:\oracle\ora92\Apache\Apache\apache.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) . (.Analog Devices, Inc..) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Spouleur d'impression (Spooler) . (.Microsoft Corporation.) - C:\WINDOWS\system32\spoolsv.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1511949088-2501407886-2894658554-500Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1511949088-2501407886-2894658554-500UA.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- Run O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file) O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file) O40 - ASIC: Macromedia Shockwave Director 8.5 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll O40 - ASIC: Macromedia Shockwave Director 8.5 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file) O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file) O40 - ASIC: Logiciel de navigation hors connexion - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file) O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file) O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- advpack.dll O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file) O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file) O40 - ASIC: Aide sur Internet Explorer - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file) O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file) O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- advpack.dll O40 - ASIC: Outils d'installation Internet Explorer - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- advpack.dll O40 - ASIC: Accès au site MSN - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file) O40 - ASIC: Web Folders - {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - (not file) O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll O40 - ASIC: Liaison de données Dynamic HTML - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file) O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file) O40 - ASIC: Polices de base Internet Explorer - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file) O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file) O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file) O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx O40 - ASIC: Aide HTML - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: AFD (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\System32\drivers\afd.sys O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys O41 - Driver: Pilote de CD-ROM (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: Pilote de filtre de gravure CD (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: Pilote de processeur Intel (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: Pilote IPSEC (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: Pilote de la classe Clavier (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: Pilote HID de clavier (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys O41 - Driver: Pilote de la classe Souris (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: MRXSMB (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: Interface NetBIOS (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: NetBIOS sur TCP/IP (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: Pilote processeur Intel Pentium III (P3) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\p3.sys O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: Rdbss (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (no object) (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: Pilote de port série (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: Pilote du protocole TCP/IP (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: Pilote de périphérique terminal (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (no object) (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\System32\drivers\vga.sys O41 - Driver: Interface de gestion Microsoft Windows pour ACPI (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 3gp Player - (.Pas de propriétaire.) O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) O42 - Logiciel: Adobe Reader 7.0.5 - Français - (.Adobe Systems Incorporated.) O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) O42 - Logiciel: Broadcom Management Programs - (.Broadcom.) O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) O42 - Logiciel: Google Update Helper - (.Google Inc..) O42 - Logiciel: Google Earth - (.Google.) O42 - Logiciel: HP Help and Support - (.Pas de propriétaire.) O42 - Logiciel: HP ProtectTools Security Manager 1.00 C2 - (.Hewlett-Packard Company.) O42 - Logiciel: HP Smart Card Security for ProtectTools 5.00 D4 - (.Hewlett-Packard Company.) O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) O42 - Logiciel: InterVideo WinDVD - (.InterVideo Inc..) O42 - Logiciel: J2SE Runtime Environment 5.0 - (.Sun Microsystems, Inc..) O42 - Logiciel: K-Lite Codec Pack 3.2.5 Standard - (.Pas de propriétaire.) O42 - Logiciel: Keyboard Layout Management Application - (.Pas de propriétaire.) O42 - Logiciel: MAK - (.Pas de propriétaire.) O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) O42 - Logiciel: PDFCreator Toolbar - (.Pas de propriétaire.) O42 - Logiciel: Petit Larousse 2004 - (.Pas de propriétaire.) O42 - Logiciel: PowerQuest PartitionMagic 8.0 - (.PowerQuest.) O42 - Logiciel: RealPlayer - (.RealNetworks.) O42 - Logiciel: Shockwave - (.Pas de propriétaire.) O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) O42 - Logiciel: Software Setup - (.Pas de propriétaire.) O42 - Logiciel: SoundMAX - (.Analog Devices.) O42 - Logiciel: VideoLAN VLC media player 0.8.5 - (.VideoLAN Team.) ---\\ Contenu des dossiers Fichiers Communs (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\3gp Player O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Altiris O43 - CFD:Common File Directory ----D- C:\Program Files\Analog Devices O43 - CFD:Common File Directory ----D- C:\Program Files\Avira O43 - CFD:Common File Directory ----D- C:\Program Files\Broadcom O43 - CFD:Common File Directory ----D- C:\Program Files\Compaq O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\Google O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard O43 - CFD:Common File Directory ----D- C:\Program Files\HPMAK O43 - CFD:Common File Directory ----D- C:\Program Files\HPQ O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\InterVideo O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab O43 - CFD:Common File Directory ----D- C:\Program Files\Larousse O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSN O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD:Common File Directory ----D- C:\Program Files\Oracle O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator Toolbar O43 - CFD:Common File Directory ----D- C:\Program Files\PowerQuest O43 - CFD:Common File Directory ----D- C:\Program Files\Raccourcis de programmes O43 - CFD:Common File Directory ----D- C:\Program Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne O43 - CFD:Common File Directory R---D- C:\Program Files\Skype O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\xerox O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Kaspersky Lab O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\xing shared ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) merci.

bonjour, merci pour votre réponse. j'ai suivi vos directives, au bout d'un moment du scan il m'affiche ce message: '9:' n'est pas une valeur entière correcte! et puis ça bloque!! j'ai fermé, j'ai désactivé l'antivirus que j'ai (avira), et j'ai relancé ZHPDiag même chose! merci.

bonjour à tous, mon PC a été contaminé par le virus nouveau dossier, en pensant que c'était un répertoire, j'ai double cliqué et donc exécuté le virus. j'ai directement remarqué que ma machine est devenue très lente, difficulté ou impossibilité de copier des fichiers d'un disque à un autre ou d'une clé au disque et vice versa. merci de m'aider à nettoyer ma machine. cordialement. configuration: windows XP IEplorer et google chrome.