HERVETWO


  1. Hello Apollo, can you tell me if my analyses are good? Thanks
  2. RE: here below is the OTM report

     All processes killed
     ========== PROCESSES ==========
     No active process named explorer.exe was found!
     ========== FILES ==========
     C:\DOCUME~1\LD\eMule Terminé\Sophos Antivirus Keygen.txt moved successfully.
     C:\DOCUME~1\LD\Recent\(Cracks) Sophos.lnk moved successfully.
     C:\DOCUME~1\LD\Recent\Sophos Antivirus Keygen.lnk moved successfully.
     ========== REGISTRY ==========
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: Administrateur
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: All Users
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     User: LD
     ->Temp folder emptied: 4041501 bytes
     ->Temporary Internet Files folder emptied: 1748422 bytes
     ->Java cache emptied: 0 bytes
     ->FireFox cache emptied: 0 bytes
     ->Google Chrome cache emptied: 0 bytes
     ->Apple Safari cache emptied: 181806285 bytes
     User: LocalService
     ->Temp folder emptied: 66016 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     User: NetworkService
     ->Temp folder emptied: 16384 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32\dllcache .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 32768 bytes
     %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
     %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
     RecycleBin emptied: 84541444 bytes
     Total Files Cleaned = 260,00 mb
     OTM by OldTimer - Version 3.1.8.0 log created on 02072010_220641
     Files moved on Reboot...
     C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_e0.dat moved successfully.
     C:\WINDOWS\temp\Perflib_Perfdata_ab4.dat moved successfully.
     Registry entries deleted on Reboot...

     Thanks
  3. OK, I will stop downloading these cracks, but as for usbfix, it was to do better; otherwise I will run your OTM. Regards
  4. Good evening Apollo, it's strange: yesterday I posted the Navilog and usbfix scan results on the forum, but I see they are not there. No matter, I am posting them again.

     Fix Navipromo version 4.0.6 commencé le 06/02/2010 21:31:48,07
     !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
     !!! Postez ce rapport sur le forum pour le faire analyser !!!
     Outil exécuté depuis C:\Program Files\navilog1
     Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO
     Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
     X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ )
     BIOS : Ver 1.00PARTTBL
     USER : LD ( Administrator )
     BOOT : Normal boot
     Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
     C:\ (Local Disk) - NTFS - Total:74 Go (Free:4 Go)
     D:\ (CD or DVD)
     E:\ (USB) - FAT32 - Total:15273 Mo (Free:11 Go)
     F:\ (CD or DVD)
     G:\ (CD or DVD)
     H:\ (CD or DVD)
     I:\ (USB) - FAT32 - Total:7633 Mo (Free:0 Go)
     Recherche executée en mode normal
     Nettoyage exécuté au redémarrage de l'ordinateur
     C:\Program Files\Live-Player supprimé !
     c:\docume~1\alluse~1\menudm~1\progra~1\Live-Player supprimé !
     C:\Documents and Settings\LD\applic~1\Live-Player supprimé !
     c:\docume~1\alluse~1\bureau\Live-Player.lnk supprimé !
     Nettoyage contenu C:\WINDOWS\Temp effectué !
     Nettoyage contenu C:\Documents and Settings\LD\locals~1\Temp effectué !
     *** Sauvegarde du Registre vers dossier Safebackup ***
     sauvegarde du Registre réalisée avec succès !
     *** Nettoyage Registre ***
     Nettoyage Registre Ok
     *** Scan terminé 06/02/2010 21:36:04,82 ***

     Below also those from usbfix

     Thanks in advance
  5. RE: here is the USB Fix report, deletion option
  6. RE: I know we're on the weekend; well, we try to answer each other when we can. Here is the Navilog report. Thanks in advance
  7. OK, here is the MBAM report

     Malwarebytes' Anti-Malware 1.44
     Version de la base de données: 3697
     Windows 5.1.2600 Service Pack 2
     Internet Explorer 8.0.6001.18702
     06/02/2010 15:09:58
     mbam-log-2010-02-06 (15-09-58).txt
     Type de recherche: Examen complet (C:\|E:\|I:\|)
     Eléments examinés: 228214
     Temps écoulé: 1 hour(s), 39 minute(s), 59 second(s)
     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0
     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)
     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)
     Fichier(s) infecté(s):
     (Aucun élément nuisible détecté)

     Regards
  8. RE: below is the ToolBar SD report, option 2
  9. Hello Apollo, following the advice given, here is the Toolbar-SD report, option 1
  10. RE: Apollo, by the way, I used your Ad-Remover, but the problem is that the scan progress stays at 4% for more than 1 hour, so I had to reboot my PC and try a second time, but same thing: the scan progress stays at 4% for 1 hour, so I gave up. Can you tell me if there is a problem or if there is another way? Thanks
  11. Hello Apollo, I did receive the message when I got back from work; I will apply it. Regards
  12. RE: Apollo, thank you so much, I can now connect to the Microsoft and MSN sites. I think I managed to get rid of the Conficker worm, so this may be useful to others. Thanks in advance
  13. RE: below are the Symantec logs

      Symantec W32.Downadup Removal Tool 1.1.0.7
      process: svchost.exe, thread: 00000170 (terminated)
      process: svchost.exe, thread: 00000EBC (terminated)
      process: svchost.exe, thread: 0000021C (terminated)
      process: svchost.exe, thread: 00000220 (terminated)
      process: svchost.exe, thread: 00000224 (terminated)
      process: svchost.exe, thread: 0000022C (terminated)
      process: svchost.exe (terminated)
      C:\WINDOWS\system32\afwmm.dll: W32.Downadup.B (unrepairable) (deleted)
      registry: HKLM\system\CurrentControlSet\Services\BITS: Start (value set to 0x00000003 (3))
      registry: HKLM\system\CurrentControlSet\Services\ERSvc: Start (value set to 0x00000002 (2))
      registry: HKLM\system\CurrentControlSet\Services\wscsvc: Start (value set to 0x00000002 (2))
      registry: HKLM\system\CurrentControlSet\Services\wuauserv: Start (value set to 0x00000002 (2))
      registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC}\AutoStart (value set to "")
      W32.Downadup has been successfully removed from your computer!
      Here is the report:
      The total number of the scanned files: 77865
      The number of deleted threat files: 1
      The number of threat processes terminated: 1
      The number of threat threads terminated: 6
      The number of registry entries fixed: 5
      The tool initiated a system reboot.

      Thanks for taking a look
  14. RE Apollo Voir ci dessous les log apres avoir lance la recuperation du console: ComboFix 10-02-01.05 - LD 02/02/2010 19:49:16.2.1 - x86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1022.501 [GMT 1:00] Lancé depuis: c:\documents and settings\LD\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\LD\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\test.txt . ((((((((((((((((((((((((((((( Fichiers créés du 2010-01-02 au 2010-02-02 )))))))))))))))))))))))))))))))))))) . 2010-02-01 20:58 . 2010-02-01 20:58 -------- d-----w- c:\documents and settings\LD\Application Data\Malwarebytes 2010-02-01 20:57 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-01 20:57 . 2010-02-01 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-02-01 20:57 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-01 20:57 . 2010-02-01 20:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-31 00:26 . 2010-01-31 00:27 15942656 ----a-w- c:\program files\IE7Setup.exe 2010-01-30 22:52 . 2010-01-30 22:52 -------- d-----w- c:\program files\MSBuild 2010-01-30 22:49 . 2010-01-30 22:49 -------- d-----w- c:\program files\Microsoft Works 2010-01-30 22:49 . 2010-01-30 22:49 -------- d-----w- c:\program files\Microsoft.NET 2010-01-30 22:47 . 2010-01-30 22:47 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-01-30 22:43 . 2010-01-30 22:43 -------- d-----r- C:\MSOCache 2010-01-30 22:12 . 2006-04-28 00:51 29968 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll 2010-01-30 22:12 . 2006-04-28 00:51 29968 ----a-w- c:\windows\system32\mdimon.dll 2010-01-30 22:02 . 2010-01-30 22:02 -------- d-----w- c:\documents and settings\LD\Local Settings\Application Data\Microsoft Help 2010-01-30 22:02 . 
2010-01-31 00:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-01-29 21:44 . 2010-01-29 21:44 4841606 ----a-w- c:\program files\emuleplus12b.exe 2010-01-26 21:28 . 2010-02-01 22:10 -------- d-----w- c:\documents and settings\LD\Local Settings\Application Data\AskToolbar 2010-01-26 21:11 . 2010-01-27 20:46 -------- d-----w- c:\program files\SopCast 2010-01-26 21:11 . 2010-01-26 21:11 -------- d-----w- c:\program files\Ask.com 2010-01-26 21:10 . 2009-07-09 14:13 5529301 ----a-w- c:\program files\Setup-SopCast-3.2.4-2009-7-9.exe 2010-01-26 21:08 . 2010-01-26 21:08 1436618 ----a-w- c:\program files\winrar_winrar_3.91_final_32_bits_francais_9632.exe 2010-01-26 21:00 . 2010-01-26 21:00 5419576 ----a-w- c:\program files\SopCast-3.2.4.zip 2010-01-25 17:55 . 2010-01-25 17:55 -------- d-----w- c:\documents and settings\LD\Application Data\live-player 2010-01-25 17:54 . 2010-01-26 19:54 -------- d-----w- c:\program files\Live-Player 2010-01-25 17:53 . 2010-01-25 17:53 895398 ----a-w- c:\program files\Live-Player_setup.exe 2010-01-20 21:35 . 2010-01-20 21:37 -------- d-----w- c:\documents and settings\LD\nimbuzz 2010-01-20 21:33 . 2010-01-20 21:34 10311271 ----a-w- c:\program files\InstallNimbuzz.exe 2010-01-20 21:25 . 2010-01-20 21:25 -------- d-----w- c:\program files\Full Pack Messengers 2010-01-10 13:54 . 2010-01-10 13:54 -------- d-----w- c:\documents and settings\LD\Application Data\MSNInstaller 2010-01-05 07:38 . 2010-01-12 07:57 1924744 ----a-w- c:\documents and settings\LD\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-02 18:23 . 2009-12-29 21:05 -------- d-----w- c:\program files\comodo 2010-02-01 21:59 . 2009-12-29 21:35 1049937 ----a-w- c:\windows\system32\drivers\sfi.dat 2010-01-31 00:45 . 
2009-10-12 21:17 -------- d-----w- c:\program files\Proxifier
2010-01-31 00:14 . 2009-10-11 16:21 73448 ---ha-w- c:\windows\system32\mlfcache.dat
2010-01-31 00:08 . 2007-11-13 20:37 97328 ----a-w- c:\documents and settings\LD\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-30 23:57 . 2004-08-05 12:00 76582 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-30 23:57 . 2004-08-05 12:00 471484 ----a-w- c:\windows\system32\perfh00C.dat
2010-01-29 23:53 . 2009-10-29 18:36 -------- d-----w- c:\program files\Google
2010-01-19 13:30 . 2009-12-26 15:36 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-01-11 21:22 . 2007-11-17 01:28 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-10 00:24 . 2008-02-12 11:32 -------- d-----w- c:\program files\Windows Live
2010-01-10 00:23 . 2008-02-12 11:44 -------- d-----w- c:\program files\Windows Live Toolbar
2010-01-05 18:53 . 2009-12-26 14:08 -------- d-----w- c:\documents and settings\LD\Application Data\Skype
2010-01-05 18:14 . 2009-12-26 14:10 -------- d-----w- c:\documents and settings\LD\Application Data\skypePM
2009-12-29 21:27 . 2009-12-29 21:27 -------- d-----w- c:\documents and settings\LD\Application Data\Comodo
2009-12-28 17:15 . 2009-12-26 21:49 -------- d-----w- c:\program files\Free Music Zilla
2009-12-26 21:49 . 2009-12-26 21:49 -------- d-----w- c:\documents and settings\LD\Application Data\FMZilla
2009-12-26 15:37 . 2009-12-26 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
2009-12-26 15:36 . 2009-12-26 15:25 -------- d-----w- c:\program files\Fichiers communs\LogiShrd
2009-12-26 15:28 . 2009-12-26 15:28 10134 ----a-r- c:\documents and settings\LD\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
2009-12-26 15:26 . 2009-12-26 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-12-26 15:25 . 2009-12-17 13:56 -------- d-----w- c:\program files\Logitech
2009-12-26 15:24 . 2009-12-26 15:24 32227136 ----a-w- c:\program files\qc1110.exe
2009-12-26 14:10 . 2009-12-26 14:10 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-26 14:07 . 2009-12-26 14:07 -------- d-----r- c:\program files\Skype
2009-12-26 14:07 . 2009-12-26 14:07 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-12-26 14:06 . 2009-12-26 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-12-23 22:12 . 2009-12-23 22:12 -------- d-----w- c:\documents and settings\LD\Application Data\U3
2009-12-19 15:35 . 2009-12-19 15:33 -------- d-----w- c:\program files\iTunes
2009-12-19 15:33 . 2009-12-19 15:33 -------- d-----w- c:\program files\iPod
2009-12-19 15:33 . 2008-04-15 07:05 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-12-19 15:29 . 2009-12-19 15:28 -------- d-----w- c:\program files\QuickTime
2009-12-19 15:25 . 2009-12-19 15:25 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-19 15:22 . 2009-10-18 11:57 -------- d-----w- c:\program files\Safari
2009-12-19 15:19 . 2009-12-19 15:19 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2009-10-29 18:35 . 2009-10-29 18:35 570208 ----a-w- c:\program files\googleupdatesetup.exe
2009-10-13 19:35 . 2009-10-13 19:35 4143779 ----a-w- c:\program files\cdburn.exe
2009-10-13 19:01 . 2009-10-13 17:49 349179796 ----a-w- c:\program files\live cd linux.iso.download
2009-10-13 17:39 . 2009-10-13 17:41 9807176 ----a-w- c:\program files\winzip121fr.exe
2009-10-12 21:16 . 2009-10-12 21:19 870277 ----a-w- c:\program files\ProxifierSetup.exe
2009-10-12 20:53 . 2009-11-12 20:45 13273454 ----a-w- c:\program files\freedom-20091006-01.exe
2009-10-12 20:50 . 2009-10-12 20:09 168870752 ----a-w- c:\program files\java_ee_sdk-5_07-jdk-6u16-windows.exe
2009-03-01 20:17 . 2009-03-01 22:36 52307672 ----a-w- c:\program files\AVSVideoConverter.exe
2009-03-01 16:40 . 2009-03-01 22:43 964447 ----a-w- c:\program files\video-mp3-extractor.exe
2008-02-05 21:15 . 2008-02-05 21:14 3263620 ----a-w- c:\program files\GLM-FLV-Player1.7.exe
2008-02-05 21:01 . 2008-02-05 21:01 97696 ----a-w- c:\program files\install_Windows Media Player_.exe
2008-02-05 20:59 . 2008-02-05 20:58 9733451 ----a-w- c:\program files\vlc_vlc_0.8.6d_francais_10829.exe
2008-02-04 20:19 . 2008-02-04 20:19 17026448 ----a-w- c:\program files\DivXBundle.exe
2008-01-14 21:32 . 2008-01-14 21:32 1491592 ----a-w- c:\program files\flash-player_flash_player_9.0.115.0_version_firefox_opera_mozilla_francais_21292.exe
2008-01-09 20:01 . 2008-01-09 20:01 7639560 ----a-w- c:\program files\azureus_azureus_3.0.3.4_francais_11926.exe
2009-03-21 14:20 . 2004-08-05 12:00 168371 --sha-r- c:\windows\system32\afwmm.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-06-04 17:04 1144712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-04 1144712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-04 1144712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-26 4351216]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-26 4351216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 339968]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-02-17 233534]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-11 794624]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

c:\documents and settings\LD\Menu D‚marrer\Programmes\D‚marrage\
Lanceur.lnk - c:\program files\Micro Application\LauncherMA.exe [2009-2-10 485376]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-7-13 525640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
2009-05-26 19:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\LD\\Programme dowload\\eMule\\eMule.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\VirtualDJ\\virtualdj.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\InstTool.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\VersionCheck\\VersionCheck.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Your Freedom\\freedom.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6627:TCP"= 6627:TCP:emule plus v1.2b
"6630:UDP"= 6630:UDP:eMule plus v1.2b
"9726:TCP"= 9726:TCP:agkctiqd
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 WUSB300NSvc;WUSB300NSvc;c:\program files\Linksys\WUSB300N\WLService.exe [19/07/2008 18:05 53307]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [09/11/2007 06:00 200192]
R3 NuVision;Hauppauge WinTV USB Pro (PAL/SECAM);c:\windows\system32\drivers\Nuvision.sys [09/11/2007 23:49 259996]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29/10/2009 19:36 133104]
S2 zcfow;Shell Security;c:\windows\system32\svchost.exe -k netsvcs [05/08/2004 13:00 14336]
S3 AF9035BDA;Cinergy T-Stick service;c:\windows\system32\drivers\AF9035BDA.sys [07/10/2009 20:19 245720]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
zcfow
.
Contenu du dossier 'Tâches planifiées'

2010-01-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-29 18:36]

2010-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-29 18:36]

2010-02-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-06-04 17:04]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.mini20.com
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=presario&pf=laptop
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 192.168.1.2:8080
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\LD\Application Data\Mozilla\Firefox\Profiles\23f9wrst.default\
FF - prefs.js: browser.search.selectedEngine - Chercher Malin
FF - prefs.js: browser.startup.homepage - hxxp://www.cherchermalin.com/?t=Q1001251324&s=h
FF - component: c:\program files\Comodo\HopSurfToolbar\hopsurfext_ff3\components\hopsurf.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-02 19:55
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????9?8?1?2??????? ???B?????????????hLC? ??????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\zcfow]
"ServiceDll"="c:\windows\system32\afwmm.dll"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2010-02-02 19:58:40
ComboFix-quarantined-files.txt 2010-02-02 18:58
ComboFix2.txt 2010-02-01 22:30

Avant-CF: 13 795 786 752 octets libres
Après-CF: 13 752 913 920 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

- - End Of File - - 1FA96C7D2AF7E313E53D05E14DADE803
  15. Hello Apollo, thank you for your reply. I have just seen the instructions; I am applying them and will keep you informed. Thanks in advance.