Everything posted by tony00

  1. Avira AntiVir Personal Date de création du fichier de rapport : jeudi 25 mars 2010 18:43 La recherche porte sur 1905401 souches de virus. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows : (Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : MONTET-2650BF13 Informations de version : BUILD.DAT : 9.0.0.75 21698 Bytes 22/01/2010 23:14:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 20/11/2009 19:40:25 AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11 LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 19:40:25 VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 19:40:25 VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 21:18:14 VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 21:18:16 VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 15:32:00 VBASE005.VDF : 7.10.4.204 2048 Bytes 05/03/2010 15:32:00 VBASE006.VDF : 7.10.4.205 2048 Bytes 05/03/2010 15:32:00 VBASE007.VDF : 7.10.4.206 2048 Bytes 05/03/2010 15:32:00 VBASE008.VDF : 7.10.4.207 2048 Bytes 05/03/2010 15:32:01 VBASE009.VDF : 7.10.4.208 2048 Bytes 05/03/2010 15:32:01 VBASE010.VDF : 7.10.4.209 2048 Bytes 05/03/2010 15:32:01 VBASE011.VDF : 7.10.4.210 2048 Bytes 05/03/2010 15:32:01 VBASE012.VDF : 7.10.4.211 2048 Bytes 05/03/2010 15:32:01 VBASE013.VDF : 7.10.4.242 153088 Bytes 08/03/2010 15:32:02 VBASE014.VDF : 7.10.5.17 99328 Bytes 10/03/2010 15:32:02 VBASE015.VDF : 7.10.5.44 107008 Bytes 11/03/2010 15:32:03 VBASE016.VDF : 7.10.5.69 92672 Bytes 12/03/2010 15:32:03 VBASE017.VDF : 7.10.5.91 119808 Bytes 15/03/2010 15:32:04 VBASE018.VDF : 7.10.5.121 112640 Bytes 18/03/2010 15:32:04 VBASE019.VDF : 7.10.5.138 139776 Bytes 18/03/2010 15:32:05 VBASE020.VDF : 7.10.5.164 113152 Bytes 22/03/2010 15:18:19 VBASE021.VDF : 7.10.5.182 108032 Bytes 23/03/2010 16:13:12 VBASE022.VDF : 
7.10.5.199 123904 Bytes 24/03/2010 17:38:21 VBASE023.VDF : 7.10.5.200 2048 Bytes 24/03/2010 17:38:21 VBASE024.VDF : 7.10.5.201 2048 Bytes 24/03/2010 17:38:22 VBASE025.VDF : 7.10.5.202 2048 Bytes 24/03/2010 17:38:22 VBASE026.VDF : 7.10.5.203 2048 Bytes 24/03/2010 17:38:22 VBASE027.VDF : 7.10.5.204 2048 Bytes 24/03/2010 17:38:22 VBASE028.VDF : 7.10.5.205 2048 Bytes 24/03/2010 17:38:22 VBASE029.VDF : 7.10.5.206 2048 Bytes 24/03/2010 17:38:23 VBASE030.VDF : 7.10.5.207 2048 Bytes 24/03/2010 17:38:23 VBASE031.VDF : 7.10.5.215 98816 Bytes 25/03/2010 17:38:24 Version du moteur : 8.2.1.196 AEVDF.DLL : 8.1.1.3 106868 Bytes 03/02/2010 21:18:24 AESCRIPT.DLL : 8.1.3.18 1024378 Bytes 22/03/2010 15:32:15 AESCN.DLL : 8.1.5.0 127347 Bytes 28/02/2010 17:33:33 AESBX.DLL : 8.1.2.1 254323 Bytes 22/03/2010 15:32:15 AERDL.DLL : 8.1.4.3 541043 Bytes 22/03/2010 15:32:14 AEPACK.DLL : 8.2.1.1 426358 Bytes 22/03/2010 15:32:13 AEOFFICE.DLL : 8.1.0.41 201083 Bytes 22/03/2010 15:32:12 AEHEUR.DLL : 8.1.1.13 2470262 Bytes 22/03/2010 15:32:11 AEHELP.DLL : 8.1.10.2 237941 Bytes 22/03/2010 15:32:07 AEGEN.DLL : 8.1.3.2 373108 Bytes 22/03/2010 15:32:07 AEEMU.DLL : 8.1.1.0 393587 Bytes 13/10/2009 17:08:11 AECORE.DLL : 8.1.12.3 188789 Bytes 22/03/2010 15:32:06 AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30 AVPREF.DLL : 9.0.3.0 44289 Bytes 27/09/2009 15:10:02 AVREP.DLL : 8.0.0.7 159784 Bytes 19/02/2010 15:14:05 AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57 NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 04/08/2009 22:23:02 RCTEXT.DLL : 9.0.73.0 88321 Bytes 20/11/2009 19:40:24 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du 
système Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Début de la recherche : jeudi 25 mars 2010 18:43 La recherche d'objets cachés commence. c:\documents and settings\anthony\cookies\anthony@criteo[1].txt [iNFO] Le fichier n'est pas visible. [REMARQUE] Une copie de sécurité a été créée sous le nom 4c1fa1a8.qua ( QUARANTAINE ) '43837' objets ont été contrôlés, '1' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
  2. I just realized that key 2 corresponds to deletion. Here is the vaccination report: ############################## | UsbFix V6.100 | User : Anthony (Administrateurs) # MONTET-2650BF13 Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8 Start at: 19:56:19 | 24/03/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Pentium® 4 CPU 3.40GHz Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Disabled AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] C:\ -> Disque fixe local # 111,78 Go (45,62 Go free) # NTFS D:\ -> Disque CD-ROM E:\ -> Disque CD-ROM # 4,79 Mo (0 Mo free) [Photos] # CDFS ################## | Vaccination | # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). ################## | ! Fin du rapport # UsbFix V6.100 ! |
  3. The PC just restarted and gives me the following report: ############################## | UsbFix V6.100 | User : Anthony (Administrateurs) # MONTET-2650BF13 Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8 Start at: 19:49:34 | 24/03/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Pentium® 4 CPU 3.40GHz Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Disabled AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] C:\ -> Disque fixe local # 111,78 Go (45,61 Go free) # NTFS D:\ -> Disque CD-ROM E:\ -> Disque CD-ROM # 4,79 Mo (0 Mo free) [Photos] # CDFS ################## | Elements infectieux | Supprimé ! C:\Recycler\S-1-5-21-117609710-583907252-839522115-1004 ################## | Registre | Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" ################## | Mountpoints2 | ################## | Listing des fichiers présent | [24/03/2010 17:27|--a------|5184] C:\Ad-Report-CLEAN[1].txt [24/03/2010 17:22|--a------|4888] C:\Ad-Report-SCAN[1].txt [04/08/2009 22:17|--a------|0] C:\AUTOEXEC.BAT [23/03/2010 19:04|--a------|216] C:\Boot.bak [23/03/2010 21:56|-rahs----|286] C:\boot.ini [05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin [03/08/2004 23:00|--a------|263488] C:\cmldr [23/03/2010 22:04|--a------|9749] C:\ComboFix.txt [04/08/2009 22:17|--a------|0] C:\CONFIG.SYS [04/08/2009 22:17|-rahs----|0] C:\IO.SYS [04/08/2009 22:17|-rahs----|0] C:\MSDOS.SYS [05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM [22/03/2010 17:01|-rahs----|252240] C:\ntldr [29/02/2004 16:44|--a------|52576] C:\orange.bmp [?|?|?]
C:\pagefile.sys [23/03/2010 19:26|--a------|389] C:\rkill.log [24/03/2010 19:52|--a------|1900] C:\UsbFix.txt [16/05/2005 16:33|-r-------|36956] E:\1-Photo Bleu Marine.jpg [05/11/2007 18:34|-r-------|336572] E:\Identit‚s Mr Montet_1.jpg [05/11/2007 18:34|-r-------|312213] E:\Identit‚s Mr Montet_2.jpg ################## | Vaccination | # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). ################## | Upload | Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_MONTET-2650BF13.zip : http://chiquitine.changelog.fr/Sample/Upload.php Merci pour votre contribution . ################## | ! Fin du rapport # UsbFix V6.100 ! |
  4. ############################## | UsbFix V6.100 | User : Anthony (Administrateurs) # MONTET-2650BF13 Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8 Start at: 19:03:07 | 24/03/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Pentium® 4 CPU 3.40GHz Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Disabled AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] C:\ -> Disque fixe local # 111,78 Go (45,68 Go free) # NTFS D:\ -> Disque CD-ROM E:\ -> Disque CD-ROM # 4,79 Mo (0 Mo free) [Photos] # CDFS ################## | Elements infectieux | ################## | Registre | [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" ################## | Mountpoints2 | ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné ! ################## | ! Fin du rapport # UsbFix V6.100 ! |
  5. Logfile of random's system information tool 1.06 (written by random/random) Run by Anthony at 2010-03-24 18:51:48 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 47 GB (41%) free of 114 GB Total RAM: 1023 MB (43% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:51:58, on 24/03/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\program files\steam\steam.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Anthony\Bureau\RSIT.exe C:\Program Files\trend micro\Anthony.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 
http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [HomePlayer] C:\Program Files\HomePlayer\HomePlayer.exe -autostart O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - 
HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PyGrenouille.lnk = C:\Program Files\PyGrenouille\pygrenouille.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1269272181383 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1258469504343 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - 
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{06E5EC13-5606-48F8-B972-85B673C5ADD7}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CCS\Services\Tcpip\..\{1E6050A5-8C48-4B34-BFDB-A9A7B437862B}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CCS\Services\Tcpip\..\{8E55DB6B-EBF8-4B65-8F5A-10FC7C478DA4}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS1\Services\Tcpip\..\{06E5EC13-5606-48F8-B972-85B673C5ADD7}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS2\Services\Tcpip\..\{06E5EC13-5606-48F8-B972-85B673C5ADD7}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS3\Services\Tcpip\..\{06E5EC13-5606-48F8-B972-85B673C5ADD7}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 7601 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Norton Security Scan for Anthony.job C:\WINDOWS\tasks\User_Feed_Synchronization-{52173315-1334-432F-9171-250ACDBE1DDF}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-08-24 18702336] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] "HomePlayer"=C:\Program Files\HomePlayer\HomePlayer.exe [2007-11-06 294912] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2009-08-16 955392] "Steam"=c:\program files\steam\steam.exe [2010-02-28 1217872] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE PyGrenouille.lnk - C:\Program Files\PyGrenouille\pygrenouille.exe C:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus" "C:\Program 
Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Steam\steamapps\montetanthony\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\montetanthony\counter-strike source\hl2.exe:*:Enabled:hl2" "C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer" "C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network 
Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2010-03-24 18:51:49 ----D---- C:\Program Files\trend micro 2010-03-24 18:51:48 ----D---- C:\rsit 2010-03-24 17:42:12 ----D---- C:\Program Files\RealVNC 2010-03-24 17:24:57 ----A---- C:\Ad-Report-CLEAN[1].txt 2010-03-24 17:23:47 ----D---- C:\WINDOWS\LastGood 2010-03-24 17:19:28 ----A---- C:\Ad-Report-SCAN[1].txt 2010-03-24 17:19:12 ----D---- C:\Ad-Remover 2010-03-23 23:15:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-03-23 23:15:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2010-03-23 23:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-03-23 23:12:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2010-03-23 23:12:12 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-03-23 23:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-03-23 23:11:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2010-03-23 23:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-03-23 23:11:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2010-03-23 23:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$ 2010-03-23 23:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-03-23 23:11:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-03-23 23:11:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2010-03-23 23:11:02 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$ 2010-03-23 23:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2010-03-23 23:10:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-03-23 23:10:03 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-03-23 23:09:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2010-03-23 23:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-03-23 23:09:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-03-23 23:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-03-23 23:09:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-03-23 23:09:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2010-03-23 
23:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-03-23 23:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-03-23 23:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-03-23 23:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2010-03-23 23:08:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-03-23 23:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2010-03-23 23:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-03-23 23:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2010-03-23 23:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2010-03-23 23:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2010-03-23 23:05:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-03-23 23:05:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2010-03-23 23:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-03-23 23:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-03-23 23:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2010-03-23 23:03:18 ----SHD---- C:\Config.Msi 2010-03-23 23:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-03-23 23:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2010-03-23 23:02:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-03-23 23:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-03-23 23:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2010-03-23 22:45:50 ----SHD---- C:\RECYCLER 2010-03-23 22:04:09 ----A---- C:\ComboFix.txt 2010-03-23 21:56:32 ----A---- C:\Boot.bak 2010-03-23 21:56:28 ----RASHD---- C:\cmdcons 2010-03-23 21:55:26 ----A---- C:\WINDOWS\zip.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\SWSC.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\SWREG.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\sed.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\PEV.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\NIRCMD.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\MBR.exe 2010-03-23 21:55:26 ----A---- C:\WINDOWS\grep.exe 2010-03-23 21:55:21 
----D---- C:\WINDOWS\ERDNT 2010-03-23 21:55:21 ----D---- C:\CCM 2010-03-23 21:41:20 ----D---- C:\Qoobox 2010-03-23 19:11:25 ----D---- C:\Documents and Settings\Anthony\Application Data\Malwarebytes 2010-03-23 19:11:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-03-23 19:11:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-03-23 15:38:59 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2010-03-23 15:38:59 ----A---- C:\WINDOWS\system32\mucltui.dll 2010-03-23 15:36:57 ----D---- C:\WINDOWS\Prefetch 2010-03-22 18:50:00 ----D---- C:\Documents and Settings\Anthony\Application Data\LimeWire 2010-03-22 18:49:30 ----D---- C:\Program Files\LimeWire 2010-03-22 17:19:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2010-03-22 17:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-03-22 17:19:39 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$ 2010-03-22 17:19:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-03-22 17:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2010-03-22 17:19:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$ 2010-03-22 17:19:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-03-22 17:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2010-03-22 17:18:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2010-03-22 17:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2010-03-22 17:18:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-03-22 17:18:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2010-03-22 17:18:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-03-22 17:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-03-22 17:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2010-03-22 17:17:39 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-03-22 17:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2010-03-22 17:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2010-03-22 17:17:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-03-22 17:17:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 
2010-03-22 17:16:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-03-22 17:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-03-22 17:16:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2010-03-22 17:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2010-03-22 17:16:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2010-03-22 17:16:10 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2010-03-22 17:16:01 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2010-03-22 17:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-03-22 17:12:53 ----A---- C:\WINDOWS\setuplog.txt 2010-03-22 17:11:02 ----D---- C:\WINDOWS\system32\fr 2010-03-22 17:11:02 ----D---- C:\WINDOWS\l2schemas 2010-03-22 17:11:01 ----D---- C:\WINDOWS\system32\bits 2010-03-22 17:05:49 ----D---- C:\WINDOWS\ServicePackFiles 2010-03-22 17:01:46 ----D---- C:\WINDOWS\network diagnostic 2010-03-22 16:58:58 ----N---- C:\WINDOWS\system32\spmsg.dll 2010-03-22 16:53:07 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2010-03-22 16:53:05 ----D---- C:\WINDOWS\EHome ======List of files/folders modified in the last 1 months====== 2010-03-24 18:51:49 ----RD---- C:\Program Files 2010-03-24 18:12:18 ----RSD---- C:\WINDOWS\assembly 2010-03-24 18:09:59 ----D---- C:\WINDOWS\Microsoft.NET 2010-03-24 17:41:47 ----D---- C:\Documents and Settings\Anthony\Application Data\Azureus 2010-03-24 17:27:09 ----D---- C:\WINDOWS\Temp 2010-03-24 17:24:07 ----HD---- C:\WINDOWS\inf 2010-03-24 17:23:59 ----HD---- C:\WINDOWS\$hf_mig$ 2010-03-24 17:23:58 ----D---- C:\WINDOWS 2010-03-24 17:15:09 ----D---- C:\WINDOWS\system32\config 2010-03-24 17:11:36 ----D---- C:\Program Files\Steam 2010-03-24 17:11:35 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-24 17:10:30 ----D---- C:\WINDOWS\system32 2010-03-24 17:10:29 ----D---- C:\WINDOWS\AppPatch 2010-03-23 23:15:58 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-23 23:15:40 ----A---- C:\WINDOWS\imsins.BAK 2010-03-23 23:15:36 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-03-23 23:15:33 ----D---- 
C:\Program Files\Internet Explorer 2010-03-23 23:15:23 ----D---- C:\WINDOWS\ie8updates 2010-03-23 23:15:06 ----SHD---- C:\WINDOWS\Installer 2010-03-23 23:14:56 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-03-23 23:14:34 ----D---- C:\WINDOWS\WinSxS 2010-03-23 23:12:53 ----D---- C:\WINDOWS\system32\drivers 2010-03-23 23:12:33 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-03-23 23:10:52 ----D---- C:\WINDOWS\system32\CatRoot 2010-03-23 23:09:30 ----D---- C:\Program Files\Movie Maker 2010-03-23 23:08:07 ----D---- C:\Program Files\Outlook Express 2010-03-23 23:04:26 ----D---- C:\WINDOWS\Registration 2010-03-23 22:03:35 ----SD---- C:\WINDOWS\Tasks 2010-03-23 22:02:58 ----A---- C:\WINDOWS\system.ini 2010-03-23 22:00:10 ----D---- C:\Program Files\Fichiers communs 2010-03-23 21:56:32 ----RASH---- C:\boot.ini 2010-03-23 19:04:33 ----A---- C:\WINDOWS\win.ini 2010-03-23 19:01:38 ----AC---- C:\WINDOWS\ntbtlog.txt 2010-03-23 15:39:02 ----AC---- C:\WINDOWS\OEWABLog.txt 2010-03-23 15:36:19 ----D---- C:\WINDOWS\system32\Setup 2010-03-23 15:36:18 ----D---- C:\WINDOWS\system32\wbem 2010-03-23 15:36:15 ----RSD---- C:\WINDOWS\Fonts 2010-03-22 22:50:39 ----D---- C:\WINDOWS\security 2010-03-22 18:41:54 ----AC---- C:\WINDOWS\NeroDigital.ini 2010-03-22 18:06:23 ----D---- C:\Program Files\Vuze 2010-03-22 17:16:12 ----D---- C:\Program Files\Messenger 2010-03-22 17:11:33 ----D---- C:\WINDOWS\ime 2010-03-22 17:11:33 ----D---- C:\WINDOWS\Help 2010-03-22 17:11:05 ----D---- C:\WINDOWS\system32\fr-fr 2010-03-22 17:11:04 ----D---- C:\WINDOWS\system32\usmt 2010-03-22 17:11:01 ----D---- C:\WINDOWS\PeerNet 2010-03-22 17:05:35 ----D---- C:\WINDOWS\system32\Restore 2010-03-22 17:05:35 ----D---- C:\WINDOWS\system32\npp 2010-03-22 17:05:28 ----D---- C:\WINDOWS\msagent 2010-03-22 17:05:26 ----D---- C:\WINDOWS\srchasst 2010-03-22 17:05:25 ----D---- C:\Program Files\NetMeeting 2010-03-22 17:05:22 ----D---- C:\WINDOWS\system32\Com 2010-03-22 17:05:18 ----D---- 
C:\Program Files\Windows Media Player 2010-03-22 17:05:17 ----D---- C:\Program Files\Windows NT 2010-03-22 17:05:12 ----D---- C:\Program Files\Fichiers communs\System 2010-03-22 17:04:39 ----D---- C:\WINDOWS\system32\oobe 2010-03-22 17:04:36 ----D---- C:\WINDOWS\system 2010-03-22 16:58:53 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-03-22 16:36:32 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-03-01 21:30:14 ----AC---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-08-04 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-11 56816] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-25 3565568] R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2007-02-03 1075360] R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-02-27 42496] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-31 5891584] R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys 
[2001-08-17 18688] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2005-05-14 260608] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736] S3 catchme;catchme; \??\C:\DOCUME~1\Anthony\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; 
C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-08-04 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-20 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920] S3 aspnet_state;Service d'état ASP.NET; 
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
Awaiting your instructions, thanks again for your help.
  6. Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3908 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 24/03/2010 18:50:34 mbam-log-2010-03-24 (18-50-34).txt Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 193295 Temps écoulé: 1 hour(s), 0 minute(s), 17 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  7. Yes, it is running now; I wasn't sure you really meant that program.
  8. Sorry, I don't understand everything. Which update tab are you talking about? You do mean Malwarebytes, is that right?
  9. Step 1, scan report:
. ======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 23/03/10 à 14:00 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 17:19:14 le 24/03/2010 | Mode normal | Option: SCAN Exécuté de: C:\Ad-Remover\ADR.exe SE: Microsoft® Windows XP™ Service Pack 3 - X86 Nom du PC: MONTET-2650BF13 | Utilisateur actuel: Anthony (Administrateur) . ============== ÉLÉMENT(S) TROUVÉ(S) ============== . Service: *ASKService* Service: *ASKUpgrade* . C:\Program Files\AskBarDis . HKCU\Software\AppDataLow\AskBarDis HKCU\Software\AskBarDis HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\AppDataLow\AskBarDis HKLM\Software\AskBarDis HKLM\Software\Classes\AskIBar.PopSwatterBarButton HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1 HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1 HKLM\Software\Classes\AskToolBar.SettingsPlugin HKLM\Software\Classes\AskToolBar.SettingsPlugin.1 HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f} HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2} HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E} HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60} HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf} HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} 
HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1 HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98} HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98} . ============== SCAN ADDITIONNEL ============== . * Mozilla FireFox Version 3.5.3 (fr) * . C:\Documents and Settings\Anthony\..\odhrnnm3.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Anthony\\Bureau\\Anthony\\Publicitée C:\Documents and Settings\Anthony\..\odhrnnm3.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr C:\Documents and Settings\Anthony\..\odhrnnm3.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.3 . . * Internet Explorer Version 8.0.6001.18702 * . [HKCU\Software\Microsoft\Internet Explorer\Main] . AutoHide: yes Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Show_ToolBar: yes Start Page: hxxp://www.google.fr/webhp?hl=fr . [HKLM\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157 . 
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm . ============== SUSPECT(S) ============== . C:\Documents and Settings\Anthony\Mes documents\Logiciels\V3.7 vista\Winrar 3.70 Final Incl Keygen-Core\Winrar 3.70 Final Incl Keygen-Core\WinRAR 3.70 Final\wrar370.exe C:\Documents and Settings\Anthony\Mes documents\Logiciels\V3.7 vista\Winrar 3.70 Final Incl Keygen-Core.zip . ======================================== . C:\DOCUME~1\Anthony\LOCALS~1\Temp: 42 Fichier(s), 7 Dossier(s) C:\WINDOWS\temp: 10 Fichier(s), 7 Dossier(s) Temporary Internet Files: 342 Fichier(s), 18 Dossier(s) . C:\Ad-Remover\Quarantine: 0 Fichier(s) C:\Ad-Remover\Backup: 1 Fichier(s) . C:\Ad-Report-SCAN[1].txt - 4764 Octet(s) . Fin à: 17:22:46, 24/03/2010 . ============== E.O.F - SCAN[1] ==============
________________________________________________________________________________
Step 2, clean report:
. ======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 23/03/10 à 14:00 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 17:24:51 le 24/03/2010 | Mode normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ADR.exe SE: Microsoft® Windows XP™ Service Pack 3 - X86 Nom du PC: MONTET-2650BF13 | Utilisateur actuel: Anthony (Administrateur) . ============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . Service: *ASKService* Service: *ASKUpgrade* . C:\Program Files\AskBarDis (!) -- Fichiers temporaires supprimés. . 
HKCU\Software\AppDataLow\AskBarDis HKCU\Software\AskBarDis HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\AppDataLow\AskBarDis HKLM\Software\AskBarDis HKLM\Software\Classes\AskIBar.PopSwatterBarButton HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1 HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1 HKLM\Software\Classes\AskToolBar.SettingsPlugin HKLM\Software\Classes\AskToolBar.SettingsPlugin.1 HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f} HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2} HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E} HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60} HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf} HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1 
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98} HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98} . ============== SCAN ADDITIONNEL ============== . * Mozilla FireFox Version 3.5.3 (fr) * . C:\Documents and Settings\Anthony\..\odhrnnm3.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Anthony\\Bureau\\Anthony\\Publicitée C:\Documents and Settings\Anthony\..\odhrnnm3.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr C:\Documents and Settings\Anthony\..\odhrnnm3.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.3 . . * Internet Explorer Version 8.0.6001.18702 * . [HKCU\Software\Microsoft\Internet Explorer\Main] . AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ . [HKLM\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ . [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm . ============== SUSPECT(S) ============== . 
C:\Documents and Settings\Anthony\Mes documents\Logiciels\V3.7 vista\Winrar 3.70 Final Incl Keygen-Core\Winrar 3.70 Final Incl Keygen-Core\WinRAR 3.70 Final\wrar370.exe C:\Documents and Settings\Anthony\Mes documents\Logiciels\V3.7 vista\Winrar 3.70 Final Incl Keygen-Core.zip . ======================================== . C:\DOCUME~1\Anthony\LOCALS~1\Temp: 2 Fichier(s), 7 Dossier(s) C:\WINDOWS\temp: 0 Fichier(s), 7 Dossier(s) Temporary Internet Files: 2 Fichier(s), 18 Dossier(s) . C:\Ad-Remover\Quarantine: 0 Fichier(s) C:\Ad-Remover\Backup: 14 Fichier(s) . C:\Ad-Report-CLEAN[1].txt - 5016 Octet(s) C:\Ad-Report-SCAN[1].txt - 4888 Octet(s) . Fin à: 17:27:28, 24/03/2010 . ============== E.O.F - CLEAN[1] ==============
  10. OK, thanks apollo, when I get home I'll do what you told me. I used ComboFix following the procedure given on the CCM forum, after doing all the other steps. I'm on Windows XP, I don't remember whether I had mentioned it. Thanks for your help, it's kind of you.
  11. Hello, I stupidly fell for a security message that looked like the Windows message for installing security updates on the PC, and I realised after accepting it that it was a virus. So I went digging through the forums to see whether I could find a solution, and I followed the technique from this forum: http://www.commentcamarche.net/faq/24055-security-tool So I now have a ComboFix report that means nothing to me. Could someone help me interpret it or tell me what steps to follow? Thanks in advance to everyone, it's great to find people who help novices like me get rid of all these damn viruses.
ComboFix 10-03-23.03 - Anthony 23/03/2010 21:58:18.1.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.560 [GMT 1:00] Lancé depuis: c:\documents and settings\Anthony\Bureau\CCM.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . ((((((((((((((((((((((((((((( Fichiers créés du 2010-02-23 au 2010-03-23 )))))))))))))))))))))))))))))))))))) . 2010-03-23 18:11 . 2010-03-23 18:11 -------- d-----w- c:\documents and settings\Anthony\Application Data\Malwarebytes 2010-03-23 18:11 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-23 18:11 . 2010-03-23 18:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-03-23 18:11 . 2010-03-23 18:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-03-23 18:11 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-23 14:38 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2010-03-22 17:49 . 2010-03-22 17:49 -------- d-----w- c:\program files\LimeWire 2010-03-22 16:11 . 2010-03-22 16:11 -------- d-----w- c:\windows\system32\fr 2010-03-22 16:11 . 2010-03-22 16:11 -------- d-----w- c:\windows\l2schemas 2010-03-22 16:11 . 
2010-03-22 16:11 -------- d-----w- c:\windows\system32\bits 2010-03-22 16:05 . 2010-03-22 16:11 -------- d-----w- c:\windows\ServicePackFiles 2010-03-22 15:53 . 2010-03-22 15:53 -------- d-----w- c:\windows\EHome . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-23 20:35 . 2009-10-18 14:29 -------- d-----w- c:\program files\Steam 2010-03-23 20:34 . 2010-03-22 17:50 -------- d-----w- c:\documents and settings\Anthony\Application Data\LimeWire 2010-03-23 17:41 . 2009-08-30 17:12 -------- d-----w- c:\documents and settings\Anthony\Application Data\Azureus 2010-03-23 14:39 . 2004-08-05 12:00 512628 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-23 14:39 . 2004-08-05 12:00 85834 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-22 17:06 . 2009-08-30 17:11 -------- d-----w- c:\program files\Vuze 2010-03-22 16:22 . 2009-08-04 21:55 74656 ----a-w- c:\documents and settings\Anthony\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-03-22 16:14 . 2009-08-04 21:16 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-02-03 21:19 . 2010-02-03 21:19 -------- d-----w- c:\program files\Fichiers communs\logishrd . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2009-04-02 10:47 333192 -c--a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392] "Steam"="c:\program files\steam\steam.exe" [2010-02-28 1217872] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-21 468408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "RTHDCPL"="RTHDCPL.EXE" [2009-08-24 18702336] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600] 
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "HomePlayer"="c:\program files\HomePlayer\HomePlayer.exe" [2007-11-06 294912] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Fichiers communs\logishrd\WUApp32.exe" [2007-02-03 430080] c:\documents and settings\Anthony\Menu D‚marrer\Programmes\D‚marrage\ LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-16 503808] OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] PyGrenouille.lnk - c:\program files\PyGrenouille\pygrenouille.exe [2009-8-18 91648] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= "c:\\Program Files\\Steam\\Steam.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Steam\\steamapps\\montetanthony\\counter-strike source\\hl2.exe"= "c:\\Program Files\\HomePlayer\\HomePlayer.exe"= "c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\system32\\sessmgr.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [04/08/2009 23:19 108289] R2 
ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [30/08/2009 18:11 464264] R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [30/08/2009 18:11 234888] R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;c:\windows\system32\drivers\WlanUZXP.sys [08/09/2009 18:59 260608] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [09/09/2009 00:36 1684736] . Contenu du dossier 'Tâches planifiées' 2009-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-01-03 c:\windows\Tasks\Norton Security Scan for Anthony.job - c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-08-20 15:45] 2010-03-23 c:\windows\Tasks\User_Feed_Synchronization-{52173315-1334-432F-9171-250ACDBE1DDF}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/webhp?hl=fr uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: {06E5EC13-5606-48F8-B972-85B673C5ADD7} = 212.27.53.252,212.27.54.252 TCP: {1E6050A5-8C48-4B34-BFDB-A9A7B437862B} = 212.27.53.252,212.27.54.252 TCP: {8E55DB6B-EBF8-4B65-8F5A-10FC7C478DA4} = 212.27.53.252,212.27.54.252 FF - ProfilePath - c:\documents and settings\Anthony\Application Data\Mozilla\Firefox\Profiles\odhrnnm3.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr . - - - - ORPHELINS SUPPRIMES - - - - MSConfigStartUp-10174215 - c:\docume~1\ALLUSE~1\APPLIC~1\10174215\10174215.exe MSConfigStartUp-22042818 - c:\documents and settings\All Users\Application Data\22042818\22042818.exe ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... 
Scan terminé avec succès Fichiers cachés: ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1032) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3572) c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Heure de fin: 2010-03-23 22:04:09 ComboFix-quarantined-files.txt 2010-03-23 21:04 Avant-CF: 49 349 931 008 octets libres Après-CF: 49 518 092 288 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect - - End Of File - - F29AC347916AEBC8375FC703E0F368FF
  12. Hello, I had the same problem on my PC. Being a novice, I tried to manage on my own and followed the information on this forum: http://www.commentcamarche.net/faq/24055-security-tool And now here is the resulting ComboFix report. To me it's all Greek; could someone give me a hand or interpret this report for me? Thanks in advance.
ComboFix 10-03-23.03 - Anthony 23/03/2010 21:58:18.1.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.560 [GMT 1:00] Lancé depuis: c:\documents and settings\Anthony\Bureau\CCM.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . ((((((((((((((((((((((((((((( Fichiers créés du 2010-02-23 au 2010-03-23 )))))))))))))))))))))))))))))))))))) . 2010-03-23 18:11 . 2010-03-23 18:11 -------- d-----w- c:\documents and settings\Anthony\Application Data\Malwarebytes 2010-03-23 18:11 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-23 18:11 . 2010-03-23 18:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-03-23 18:11 . 2010-03-23 18:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-03-23 18:11 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-23 14:38 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2010-03-22 17:49 . 2010-03-22 17:49 -------- d-----w- c:\program files\LimeWire 2010-03-22 16:11 . 2010-03-22 16:11 -------- d-----w- c:\windows\system32\fr 2010-03-22 16:11 . 2010-03-22 16:11 -------- d-----w- c:\windows\l2schemas 2010-03-22 16:11 . 2010-03-22 16:11 -------- d-----w- c:\windows\system32\bits 2010-03-22 16:05 . 2010-03-22 16:11 -------- d-----w- c:\windows\ServicePackFiles 2010-03-22 15:53 . 2010-03-22 15:53 -------- d-----w- c:\windows\EHome . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-23 20:35 . 
2009-10-18 14:29 -------- d-----w- c:\program files\Steam 2010-03-23 20:34 . 2010-03-22 17:50 -------- d-----w- c:\documents and settings\Anthony\Application Data\LimeWire 2010-03-23 17:41 . 2009-08-30 17:12 -------- d-----w- c:\documents and settings\Anthony\Application Data\Azureus 2010-03-23 14:39 . 2004-08-05 12:00 512628 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-23 14:39 . 2004-08-05 12:00 85834 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-22 17:06 . 2009-08-30 17:11 -------- d-----w- c:\program files\Vuze 2010-03-22 16:22 . 2009-08-04 21:55 74656 ----a-w- c:\documents and settings\Anthony\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-03-22 16:14 . 2009-08-04 21:16 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-02-03 21:19 . 2010-02-03 21:19 -------- d-----w- c:\program files\Fichiers communs\logishrd . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2009-04-02 10:47 333192 -c--a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" 
[2009-08-16 955392] "Steam"="c:\program files\steam\steam.exe" [2010-02-28 1217872] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-21 468408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "RTHDCPL"="RTHDCPL.EXE" [2009-08-24 18702336] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "HomePlayer"="c:\program files\HomePlayer\HomePlayer.exe" [2007-11-06 294912] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Fichiers communs\logishrd\WUApp32.exe" [2007-02-03 430080] c:\documents and settings\Anthony\Menu D‚marrer\Programmes\D‚marrage\ LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-16 503808] OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] PyGrenouille.lnk - c:\program files\PyGrenouille\pygrenouille.exe [2009-8-18 91648] 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= "c:\\Program Files\\Steam\\Steam.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Steam\\steamapps\\montetanthony\\counter-strike source\\hl2.exe"= "c:\\Program Files\\HomePlayer\\HomePlayer.exe"= "c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\system32\\sessmgr.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [04/08/2009 23:19 108289] R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [30/08/2009 18:11 464264] R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [30/08/2009 18:11 234888] R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;c:\windows\system32\drivers\WlanUZXP.sys [08/09/2009 18:59 260608] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [09/09/2009 00:36 1684736] . Contenu du dossier 'Tâches planifiées' 2009-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-01-03 c:\windows\Tasks\Norton Security Scan for Anthony.job - c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-08-20 15:45] 2010-03-23 c:\windows\Tasks\User_Feed_Synchronization-{52173315-1334-432F-9171-250ACDBE1DDF}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://www.google.fr/webhp?hl=fr uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: {06E5EC13-5606-48F8-B972-85B673C5ADD7} = 212.27.53.252,212.27.54.252 TCP: {1E6050A5-8C48-4B34-BFDB-A9A7B437862B} = 212.27.53.252,212.27.54.252 TCP: {8E55DB6B-EBF8-4B65-8F5A-10FC7C478DA4} = 212.27.53.252,212.27.54.252 FF - ProfilePath - c:\documents and settings\Anthony\Application Data\Mozilla\Firefox\Profiles\odhrnnm3.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr . - - - - ORPHELINS SUPPRIMES - - - - MSConfigStartUp-10174215 - c:\docume~1\ALLUSE~1\APPLIC~1\10174215\10174215.exe MSConfigStartUp-22042818 - c:\documents and settings\All Users\Application Data\22042818\22042818.exe ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1032) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3572) c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . 
Heure de fin: 2010-03-23 22:04:09 ComboFix-quarantined-files.txt 2010-03-23 21:04 Avant-CF: 49 349 931 008 octets libres Après-CF: 49 518 092 288 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect - - End Of File - - F29AC347916AEBC8375FC703E0F368FF