Nad_33

ah super merci pour le lien! Ca y est j'ai enlevé les restes d'AVP tool avec l'outil.

Non il n'y a jamais eu Kaspersky. Quant au pare-feu, il a toujours été activé jusqu'à l'apparition des problèmes la semaine dernière. Et le pare-feu norton, il est pas avec Internet security? car je n'ai que l'antivirus 2009 et je n'ai jamais vu de réglage du pare-feu... Je me rappelle plus du tout combien de temps il me reste avec norton, peut être 5 mois... mais je changerai après!

C'est celui de Windows, il s'est déconnecté automatiquement quand les problèmes de virus sont arrivés et qd je veux le réactiver, ça me dit que windows ne peut pas activer le service... Fichier log : Logfile of random's system information tool 1.07 (written by random/random) Run by Nadège at 2010-06-03 22:40:56 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 79 GB (83%) free of 95 GB Total RAM: 1022 MB (76% free) HijackThis download failed ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2054951153-2501660682-707765859-1005.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2054951153-2501660682-707765859-1005.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL [2009-08-22 107896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-05-01 7557120] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "KB923561"=apphelp.dll,ShimFlushCache [] "KB955759"=apphelp.dll,ShimFlushCache [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "TSClientMSIUninstaller"=cmd.exe /C cscript C:\WINDOWS\Installer\TSClientMsiTrans\tscuinst.vbs [] "TSClientAXDisabler"=cmd.exe /C C:\WINDOWS\Installer\TSClientMsiTrans\tscdsbl.bat [] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE TabUserW.exe.lnk - C:\WINDOWS\system32\WTablet\TabUserW.exe Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Nadège\Menu Démarrer\Programmes\Démarrage Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE _uninst_setup_9.0.0.722_31.05.2010_21-31.exe.lnk - C:\Documents and Settings\Nadège\Local Settings\temp\_uninst_setup_9.0.0.722_31.05.2010_21-31.exe.bat [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-03-22 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 233472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Documents and Settings\Nadège\Mes documents\Downloads\utorrent.exe"="C:\Documents and Settings\Nadège\Mes documents\Downloads\utorrent.exe:*:Enabled:µTorrent" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Disabled:P2P service of Orbit Downloader" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-06-03 22:40:58 ----D---- C:\Program Files\trend micro 2010-06-03 22:40:56 ----D---- C:\rsit 2010-06-03 21:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2010-06-03 21:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2010-06-03 21:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ 2010-06-03 21:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-06-03 20:59:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-06-03 20:59:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2010-06-03 20:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-06-03 20:59:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-06-03 20:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-06-03 20:58:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$ 2010-06-03 20:58:03 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-06-03 20:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-06-03 20:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-06-03 20:57:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-06-03 20:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-06-03 20:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-06-03 20:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-06-03 20:56:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-06-03 20:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-06-03 20:56:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2010-06-03 20:55:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2010-06-03 20:55:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-06-03 20:55:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2010-06-03 20:55:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2010-06-03 20:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-06-03 20:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2010-06-03 20:54:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2010-06-03 20:54:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2010-06-03 20:53:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2010-06-03 20:53:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ 2010-06-03 20:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-06-03 20:53:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-06-03 20:52:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-06-03 20:52:33 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2010-06-03 20:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-06-03 20:51:59 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$ 2010-06-03 20:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-06-03 20:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-06-03 20:50:48 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$ 2010-06-03 20:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2010-06-03 20:50:22 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2010-06-03 20:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$ 2010-06-03 20:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2010-06-03 20:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-06-03 20:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2010-06-03 20:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2010-06-03 20:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2010-06-03 20:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2010-06-03 20:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-06-03 20:48:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2010-06-03 20:48:11 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2010-06-03 20:47:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-06-03 20:47:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2010-06-03 20:47:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-06-03 20:47:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-06-03 20:46:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2010-06-03 20:45:59 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-06-03 20:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$ 2010-06-03 20:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-06-03 20:45:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$ 2010-06-03 20:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2010-06-03 20:44:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2010-06-03 20:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2010-06-03 20:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-06-03 20:44:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2010-06-03 20:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-06-03 20:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2010-06-03 20:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-06-03 20:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$ 2010-06-03 20:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2010-06-03 20:42:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2010-06-03 20:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2010-06-03 20:42:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2010-06-03 20:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2010-06-03 20:41:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-06-03 20:41:41 ----D---- C:\WINDOWS\LastGood.Tmp 2010-06-03 20:35:21 ----N---- C:\WINDOWS\system32\msxml6r.dll 2010-06-03 20:35:20 ----N---- C:\WINDOWS\system32\msxml6.dll 2010-06-03 20:35:17 ----N---- C:\WINDOWS\system32\smtpapi.dll 2010-06-03 20:35:17 ----N---- C:\WINDOWS\system32\rwnh.dll 2010-06-03 20:35:17 ----N---- C:\WINDOWS\system32\comsdupd.exe 2010-06-03 20:35:03 ----N---- C:\WINDOWS\system32\azroles.dll 2010-06-03 20:35:03 ----N---- C:\WINDOWS\system32\ativtmxx.dll 2010-06-03 20:35:03 ----N---- C:\WINDOWS\system32\ati3d1ag.dll 2010-06-03 20:35:03 ----N---- C:\WINDOWS\system32\ati2dvaa.dll 2010-06-03 20:35:03 ----N---- C:\WINDOWS\system32\aaclient.dll 2010-06-03 20:35:02 ----N---- C:\WINDOWS\system32\credssp.dll 2010-06-03 20:35:02 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dot3ui.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dot3svc.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dot3msm.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dot3api.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dimsroam.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2010-06-03 20:35:01 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2010-06-03 20:35:00 ----N---- C:\WINDOWS\system32\eapolqec.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\hsfcisp2.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\eapsvc.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\eapqec.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\eappprxy.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\eapphost.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\eappgnui.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\eappcfg.dll 2010-06-03 20:34:59 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2010-06-03 20:34:58 ----N---- C:\WINDOWS\system32\ieencode.dll 2010-06-03 20:34:57 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2010-06-03 20:34:57 ----N---- C:\WINDOWS\system32\kmsvc.dll 2010-06-03 20:34:57 ----N---- C:\WINDOWS\system32\kbdpash.dll 2010-06-03 20:34:57 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2010-06-03 20:34:57 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2010-06-03 20:34:57 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2010-06-03 20:34:55 ----N---- C:\WINDOWS\system32\mmcperf.exe 2010-06-03 20:34:55 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2010-06-03 20:34:55 ----N---- C:\WINDOWS\system32\mmcex.dll 2010-06-03 20:34:55 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll 2010-06-03 20:34:55 ----N---- C:\WINDOWS\system32\mdmxsdk.dll 2010-06-03 20:34:54 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2010-06-03 20:34:54 ----N---- C:\WINDOWS\system32\mssha.dll 2010-06-03 20:34:53 ----N---- C:\WINDOWS\system32\onex.dll 2010-06-03 20:34:53 ----N---- C:\WINDOWS\system32\napstat.exe 2010-06-03 20:34:53 ----N---- C:\WINDOWS\system32\napmontr.dll 2010-06-03 20:34:53 ----N---- C:\WINDOWS\system32\napipsec.dll 2010-06-03 20:34:53 ----N---- C:\WINDOWS\system32\mtxparhd.dll 2010-06-03 20:34:51 ----N---- C:\WINDOWS\system32\s3gnb.dll 2010-06-03 20:34:51 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2010-06-03 20:34:51 ----N---- C:\WINDOWS\system32\rasqec.dll 2010-06-03 20:34:51 ----N---- C:\WINDOWS\system32\qutil.dll 2010-06-03 20:34:51 ----N---- C:\WINDOWS\system32\qcliprov.dll 2010-06-03 20:34:51 ----N---- C:\WINDOWS\system32\qagentrt.dll 2010-06-03 20:34:51 ----N---- C:\WINDOWS\system32\qagent.dll 2010-06-03 20:34:50 ----N---- C:\WINDOWS\system32\slserv.exe 2010-06-03 20:34:50 ----N---- C:\WINDOWS\system32\slrundll.exe 2010-06-03 20:34:50 ----N---- C:\WINDOWS\system32\slgen.dll 2010-06-03 20:34:50 ----N---- C:\WINDOWS\system32\slextspk.dll 2010-06-03 20:34:50 ----N---- C:\WINDOWS\system32\slcoinst.dll 2010-06-03 20:34:50 ----N---- C:\WINDOWS\system32\setupn.exe 2010-06-03 20:34:48 ----N---- C:\WINDOWS\system32\tspkg.dll 2010-06-03 20:34:48 ----N---- C:\WINDOWS\system32\tsgqec.dll 2010-06-03 20:34:46 ----N---- C:\WINDOWS\system32\wlanapi.dll 2010-06-03 20:34:45 ----N---- C:\WINDOWS\slrundll.exe 2010-06-03 20:34:43 ----D---- C:\WINDOWS\system32\fr 2010-06-03 20:34:43 ----D---- C:\WINDOWS\l2schemas 2010-06-03 20:34:42 ----D---- C:\WINDOWS\system32\bits 2010-06-03 20:21:25 ----A---- C:\WINDOWS\003098_.tmp 2010-06-03 20:14:05 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2010-05-31 23:57:56 ----HD---- C:\WINDOWS\PIF 2010-05-31 19:59:21 ----SHD---- C:\RECYCLER 2010-05-31 18:20:53 ----D---- C:\WINDOWS\temp 2010-05-27 00:00:03 ----A---- C:\WINDOWS\system32\grpconv.exe 2010-05-26 21:22:15 ----A---- C:\Boot.bak 2010-05-26 21:22:07 ----RASHD---- C:\cmdcons 2010-05-25 21:43:06 ----D---- C:\WINDOWS\ERDNT 2010-05-24 19:54:03 ----A---- C:\WINDOWS\ntbtlog.txt 2010-05-24 14:09:27 ----HD---- C:\WINDOWS\msdownld.tmp 2010-05-24 14:04:38 ----HDC---- C:\WINDOWS\ie8 2010-05-24 14:01:02 ----D---- C:\WINDOWS\system32\MpEngineStore 2010-05-22 21:15:46 ----D---- C:\WINDOWS\61D3AAE1D5214CD7939B37813DE8F955.TMP 2010-05-22 18:44:11 ----D---- C:\Documents and Settings\Nadège\Application Data\Malwarebytes 2010-05-22 18:43:02 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-05-21 21:30:55 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-20 21:06:50 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2010-05-19 18:29:54 ----D---- C:\Documents and Settings\Nadège\Application Data\ATManager 2010-05-08 16:35:58 ----D---- C:\Program Files\Safari 2010-05-05 17:54:45 ----D---- C:\Program Files\Namtuk ======List of files/folders modified in the last 1 months====== 2010-06-03 22:40:58 ----D---- C:\Program Files 2010-06-03 21:31:40 ----D---- C:\WINDOWS\system32 2010-06-03 21:12:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-06-03 21:08:23 ----A---- C:\WINDOWS\setuplog.txt 2010-06-03 21:07:09 ----D---- C:\WINDOWS\system32\Setup 2010-06-03 21:07:09 ----D---- C:\WINDOWS\AppPatch 2010-06-03 21:07:08 ----RSD---- C:\WINDOWS\Fonts 2010-06-03 21:07:08 ----D---- C:\WINDOWS\system32\wbem 2010-06-03 21:07:07 ----D---- C:\WINDOWS 2010-06-03 21:04:40 ----D---- C:\WINDOWS\security 2010-06-03 21:01:31 ----D---- C:\WINDOWS\system32\CatRoot2 2010-06-03 21:01:27 ----HD---- C:\WINDOWS\inf 2010-06-03 21:01:26 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-06-03 21:01:26 ----D---- C:\WINDOWS\system32\CatRoot 2010-06-03 21:01:25 ----D---- C:\WINDOWS\system32\drivers 2010-06-03 20:57:57 ----D---- C:\Program Files\Movie Maker 2010-06-03 20:55:13 ----D---- C:\Program Files\Outlook Express 2010-06-03 20:42:24 ----D---- C:\Program Files\Messenger 2010-06-03 20:35:35 ----D---- C:\WINDOWS\WinSxS 2010-06-03 20:35:17 ----D---- C:\WINDOWS\system32\inetsrv 2010-06-03 20:35:16 ----D---- C:\WINDOWS\network diagnostic 2010-06-03 20:35:15 ----D---- C:\WINDOWS\ime 2010-06-03 20:35:15 ----D---- C:\WINDOWS\Help 2010-06-03 20:34:45 ----D---- C:\WINDOWS\system32\usmt 2010-06-03 20:34:45 ----D---- C:\WINDOWS\system32\fr-fr 2010-06-03 20:34:43 ----SHD---- C:\WINDOWS\Installer 2010-06-03 20:34:42 ----D---- C:\WINDOWS\PeerNet 2010-06-03 20:27:05 ----D---- C:\WINDOWS\system32\Restore 2010-06-03 20:27:05 ----D---- C:\WINDOWS\system32\npp 2010-06-03 20:27:04 ----D---- C:\WINDOWS\msagent 2010-06-03 20:27:01 ----D---- C:\WINDOWS\srchasst 2010-06-03 20:26:59 ----D---- C:\Program Files\NetMeeting 2010-06-03 20:26:56 ----D---- C:\WINDOWS\system32\Com 2010-06-03 20:26:45 ----D---- C:\Program Files\Windows NT 2010-06-03 20:26:38 ----D---- C:\Program Files\Fichiers communs\System 2010-06-03 20:26:13 ----D---- C:\WINDOWS\system32\oobe 2010-06-03 20:26:10 ----D---- C:\WINDOWS\system 2010-06-03 20:14:03 ----D---- C:\WINDOWS\ehome 2010-06-02 20:17:18 ----D---- C:\downloads 2010-05-31 18:15:45 ----A---- C:\WINDOWS\system.ini 2010-05-31 18:13:06 ----D---- C:\Program Files\Fichiers communs 2010-05-27 00:10:35 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-26 21:54:12 ----D---- C:\WINDOWS\Registration 2010-05-26 21:22:15 ----RASH---- C:\boot.ini 2010-05-25 23:17:35 ----SD---- C:\WINDOWS\Tasks 2010-05-24 14:16:04 ----D---- C:\WINDOWS\Media 2010-05-24 14:16:04 ----D---- C:\Program Files\Internet Explorer 2010-05-24 13:54:42 ----D---- C:\Documents and Settings\Nadège\Application Data\Orbit 2010-05-23 10:37:17 ----D---- C:\Documents and Settings\Nadège\Application Data\Adobe 2010-05-23 10:37:03 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-05-22 22:40:52 ----A---- C:\WINDOWS\vw.ini 2010-05-22 22:40:52 ----A---- C:\WINDOWS\LAROUSSE.INI 2010-05-22 21:16:29 ----SD---- C:\Documents and Settings\Nadège\Application Data\Microsoft 2010-05-22 14:46:13 ----SHD---- C:\System Volume Information 2010-05-20 19:56:15 ----A---- C:\WINDOWS\NeroDigital.ini 2010-05-16 21:34:39 ----D---- C:\Documents and Settings\Nadège\Application Data\uTorrent 2010-05-08 16:39:05 ----D---- C:\Documents and Settings\Nadège\Application Data\Apple Computer 2010-05-08 16:35:10 ----D---- C:\Program Files\Fichiers communs\Apple ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NAV\1008000.029\BHDrvx86.sys [2009-08-22 259632] S1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NAV\1008000.029\ccHPx86.sys [2010-02-04 482432] S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] S1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100513.002\IDSxpx86.sys [] S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] S1 nayqfzfg;nayqfzfg; \??\C:\WINDOWS\system32\drivers\nayqfzfg.sys [] S1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1008000.029\SRTSPX.SYS [2009-08-22 43696] S1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMTDI.SYS [2009-08-22 217136] S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167] S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-03-23 21419] S2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628] S2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496] S2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524] S2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684] S2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364] S2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036] S2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332] S2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544] S2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] S2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544] S3 adiusbae;USB ADSL LAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbae.sys [2003-09-29 117673] S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-12-13 1124097] S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-04-02 471264] S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-22 1522688] S3 catchme;catchme; \??\C:\DOCUME~1\NADGE~1\LOCALS~1\Temp\catchme.sys [] S3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] S3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-13 163328] S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-05 4271616] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100523.004\NAVENG.SYS [] S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100523.004\NAVEX15.SYS [] S3 NETw3x32;Pilote de carte réseau Intel® PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-07-26 1707776] S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS [] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-05-01 3643296] S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904] S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008] S3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1008000.029\SRTSP.SYS [2009-08-22 308272] S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] S3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS [2009-08-22 89904] S3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS [2009-08-22 33072] S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-22 36400] S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-22 36400] S3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS [2009-08-22 36400] S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560] S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344] S3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2005-10-20 6144] S3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2006-05-30 45696] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WsAudioDevice_383;WsAudioDevice_383; C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640] S3 WUDFRd;WUDFRd; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-22 405504] S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] S2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960] S2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-08-02 434176] S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376] S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] S2 NetFxUpdate_v1.0.3705;Microsoft .NET Framework v1.0.3705 Update; C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\NetfxUpdate.exe [2007-12-17 82976] S2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [2009-08-22 117640] S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-05-01 143428] S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [] S2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-08-02 327680] S2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-08-02 937984] S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-01-07 26144] S2 TabletService;TabletService; C:\WINDOWS\system32\Tablet.exe [2005-12-06 753664] S2 TAPPSRV;TOSHIBA Application Service; C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe [2006-02-07 35840] S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF----------------- Fichier Info info.txt logfile of random's system information tool 1.06 2010-06-03 22:41:13 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} Adobe Setup-->MsiExec.exe /I{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F} Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log Apple Application Support-->MsiExec.exe /I{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524} Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assist TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe" Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Canon Camera Window for ZoomBrowser EX-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A29EA741-24F7-4C07-9B2C-06CB6491BE4A} Canon Utilities PhotoStitch 3.1-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C05E2D43-A05F-4835-A15C-CD0AD1576506} Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2} Capture My Screen 1-->"C:\Program Files\Namtuk\Capture My Screen\unins000.exe" Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe" Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" dBpowerAMP DirectShow Decoder Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP DirectShow Decoder Codec.dat dBpowerAMP FLAC Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat dBpowerAMP Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu" Formatage de carte mémoire SD TOSHIBA-->MsiExec.exe /X{48CF9A66-5F03-4025-ABD0-B3A3FA095A59} Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll" Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® PRO Network Connections Drivers-->Prounstl.exe InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944} J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} Java 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} K-Lite Codec Pack 3.5.7 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" K-Lite Video Conversion Pack 1.0.0-->"C:\Program Files\K-Lite Video Conversion Pack\unins000.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logiciel Intel® PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F} Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c} Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x40c -removeonly mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779} mDrWiFi-->MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650} MediaInfo 0.7.5.5-->C:\Program Files\MediaInfo\uninst.exe mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68} Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7} Microsoft Office OneNote 2003-->MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F} mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9} mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401} mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023} Nero 7 Premium-->MsiExec.exe /I{7A66C7E3-5212-1A19-70A7-1F0FBA691036} Network Stumbler 0.4.0 (remove only)-->"C:\Program Files\Network Stumbler\uninst.exe" Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\16.8.0.41\InstStub.exe /X NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI OpenMG Secure Module 4.7.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL Orbit Downloader-->"C:\Program Files\Orbitdownloader\unins000.exe" Outil de diagnostic PC TOSHIBA-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{2C38F661-26B7-445D-B87D-B53FE2D3BD42} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe -runfromtemp -l0x040cPackage -removeonly QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F} Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c Replay Music-->"C:\WINDOWS\Replay Music\uninstall.exe" "/U:C:\Program Files\Replay Music 3\Uninstall\uninstall.xml" Ri4m v5-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe Safari-->MsiExec.exe /I{A67BB21E-D419-45BB-AB86-7D87D14BBCE2} SAGEM F@st 800-908-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe" -l0x40c SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85} Security Update for Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Security Update pour Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Son virtuel TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011} Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Tablette-->C:\Program Files\Tablet\Remove.exe /u Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1036 TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL TOSHIBA Hotkey Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x40c TOSHIBA Software Modem-->Tosmreg -U TOSHIBA TouchPad ON/Off Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x40c TOSHIBA Utilities-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x40c Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" -l0x40c VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe" Windows Desktop Search -->"C:\WINDOWS\$NtUninstallKB911993-V2$\spuninst\spuninst.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Édition Media Center 2005 KB888316-->C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe Windows XP Media Center Edition 2005 KB894553-->C:\WINDOWS\$NtUninstallKB894553$\spuninst\spuninst.exe Windows XP Media Center Edition 2005 KB895678-->C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" X10 Hardware-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe" ======Security center information====== AV: Norton AntiVirus (disabled) ======System event log====== Computer Name: TOSH Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 50663 Source Name: Tcpip Time Written: 20100418214439.000000+120 Event Type: Informations User: Computer Name: TOSH Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 50662 Source Name: Tcpip Time Written: 20100418214419.000000+120 Event Type: Informations User: Computer Name: TOSH Event Code: 7036 Message: Le service Hôte de périphérique universel Plug-and-Play est entré dans l'état : en cours d'exécution. Record Number: 50661 Source Name: Service Control Manager Time Written: 20100418212628.000000+120 Event Type: Informations User: Computer Name: TOSH Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Hôte de périphérique universel Plug-and-Play. Record Number: 50660 Source Name: Service Control Manager Time Written: 20100418212628.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: TOSH Event Code: 14000 Message: MTP WPD Driver has started successfully. Record Number: 50659 Source Name: WPDMTPDriver Time Written: 20100418212542.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: TOSH Event Code: 1004 Message: Échec de détection du produit '{91A1040C-6000-11D3-8CFE-0150048383C9}', fonctionnalité 'ProofingToolsFiles_1036', composant '{52632D7C-8AAB-11D2-900A-00805F9B1201}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\MSWDS_FR.LEX' n'existe pas Record Number: 47875 Source Name: MsiInstaller Time Written: 20090630190343.000000+120 Event Type: Avertissement User: TOSH\Nadège Computer Name: TOSH Event Code: 1004 Message: Échec de détection du produit '{91A1040C-6000-11D3-8CFE-0150048383C9}', fonctionnalité 'ProofingToolsFiles_1036', composant '{52632D7C-8AAB-11D2-900A-00805F9B1201}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\MSWDS_FR.LEX' n'existe pas Record Number: 47874 Source Name: MsiInstaller Time Written: 20090630190343.000000+120 Event Type: Avertissement User: TOSH\Nadège Computer Name: TOSH Event Code: 1004 Message: Échec de détection du produit '{91A1040C-6000-11D3-8CFE-0150048383C9}', fonctionnalité 'ProofingToolsFiles_1036', composant '{52632D7C-8AAB-11D2-900A-00805F9B1201}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\MSWDS_FR.LEX' n'existe pas Record Number: 47873 Source Name: MsiInstaller Time Written: 20090630190343.000000+120 Event Type: Avertissement User: TOSH\Nadège Computer Name: TOSH Event Code: 1004 Message: Échec de détection du produit '{91A1040C-6000-11D3-8CFE-0150048383C9}', fonctionnalité 'ProofingToolsFiles_1036', composant '{52632D7C-8AAB-11D2-900A-00805F9B1201}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\MSWDS_FR.LEX' n'existe pas Record Number: 47872 Source Name: MsiInstaller Time Written: 20090630190242.000000+120 Event Type: Avertissement User: TOSH\Nadège Computer Name: TOSH Event Code: 1004 Message: Échec de détection du produit '{91A1040C-6000-11D3-8CFE-0150048383C9}', fonctionnalité 'ProofingToolsFiles_1036', composant '{52632D7C-8AAB-11D2-900A-00805F9B1201}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\PROOF\MSWDS_FR.LEX' n'existe pas Record Number: 47871 Source Name: MsiInstaller Time Written: 20090630190242.000000+120 Event Type: Avertissement User: TOSH\Nadège ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\QuickTime\QTSystem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip "SAFEBOOT_OPTION"=MINIMAL -----------------EOF-----------------

Bonsoir Apollo, j'ai tout désinstallé et voici le rapport de ToolsCleaner : [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\Documents and Settings\Nadège\Bureau\HijackThis.exe: trouvé ! --------------------------------- --> Suppression: C:\Documents and Settings\Nadège\Bureau\HijackThis.exe: supprimé ! J'ai installé le SP3 et hélas, rien ne change : le portable redémarre toujours tout seul après l'affichage "Windows Xp", et en mode sans echec je ne peux toujours pas remettre le pare-feu... Merci pour ton aide et tes précieux conseils, et j'irai faire un tour sur le forum de Marie Enfin, c'est vraiment la poisse! je me débarrasse des virus et paf, un autre problème arrive lol

non il n'a crée aucun fichier sur le bureau. J'ai copié le rapport (choix sur Important events), enfin c'est tout ce que j'ai vu : Autoscan: completed 44 minutes ago (events: 7, objects: 334373, time: 03:45:56) 31/05/2010 20:07:52 Task started 31/05/2010 20:27:29 Detected: EICAR-Test-File C:\Documents and Settings\Nadège\DoctorWeb\Quarantine\Av-test.txt 31/05/2010 20:28:56 Untreated: EICAR-Test-File C:\Documents and Settings\Nadège\DoctorWeb\Quarantine\Av-test.txt Cannot be disinfected 31/05/2010 20:29:47 Deleted: EICAR-Test-File C:\Documents and Settings\Nadège\DoctorWeb\Quarantine\Av-test.txt 31/05/2010 21:22:56 Detected: Worm.Win32.Pinit.ln C:\Qoobox\Quarantine\C\WINDOWS\system32\nmklo.dll.vir 31/05/2010 21:23:43 Deleted: Worm.Win32.Pinit.ln C:\Qoobox\Quarantine\C\WINDOWS\system32\nmklo.dll.vir 31/05/2010 23:53:48 Task completed ah et oui il m'a proposé de le désinstaller. Et comme d'hab il redémarre sans arret en mode normal :/

Ca y est le scan est fini Mais par contre il n'y a pas d'onglet Events et quand je clique sur Report, je n'ai pas la possibilité de l'enregistrer :/

3 jours!! ah quand même!! je ne battrais pas le record lol j'en suis à 35% et il scanne depuis 1h35. en tout cas merci d'avoir proposé toutes ces solutions, avant le possible formatage!

Ca ne peut pas venir d'une ancienne procédure d'un autre forum car je ne suis inscrite que sur celui ci et jamais je n'aurai utilisé Combofix tte seule, j'aurai trop la trouille de faire un truc de travers... Par contre je n'avais pas jeter le rapport avant de re-utiliser CF... ça peut venir de là?

Ben je l'ai passé uniquement quand tu me l'as demandé! alors là je comprends pas tout et je ne trouve pas les rapports ComboFix2,3 etc... A chaque fois il n'y avait que le rapport à la fin du scan... Sinon le pc, je suis toujours obligée de le démarrer en mode sans échec sinon il redémarre tout seul. Et meme en mode sans échec je ne peux pas remettre le pare-feu...

Salut Apollo, j'espère que tu as passé un bon week-end! J'ai lancé Combofix, et voici le rapport : ComboFix 10-05-30.09 - Nadège 31/05/2010 18:07:53.6.2 - x86 MINIMAL Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.778 [GMT 2:00] Lancé depuis: c:\documents and settings\Nadège\Bureau\panpan.exe AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-28 au 2010-05-31 )))))))))))))))))))))))))))))))))))) . 2010-05-26 22:00 . 2010-05-26 22:00 -------- d-----w- c:\windows\LastGood.Tmp 2010-05-26 22:00 . 2004-08-10 12:00 39424 -c--a-w- c:\windows\system32\dllcache\grpconv.exe 2010-05-26 22:00 . 2004-08-10 12:00 39424 ----a-w- c:\windows\system32\grpconv.exe 2010-05-26 22:00 . 2004-08-10 12:00 182912 -c--a-w- c:\windows\system32\dllcache\ndis.sys 2010-05-26 22:00 . 2004-08-10 12:00 182912 ----a-w- c:\windows\system32\drivers\ndis.sys 2010-05-24 12:21 . 2010-05-24 12:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-05-24 12:09 . 2010-05-24 12:09 -------- d--h--w- c:\windows\msdownld.tmp 2010-05-24 12:04 . 2010-05-24 12:09 -------- dc-h--w- c:\windows\ie8 2010-05-24 12:01 . 2010-05-24 12:04 -------- d-----w- c:\windows\system32\MpEngineStore 2010-05-22 19:15 . 2010-05-22 19:16 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP 2010-05-22 16:43 . 2010-05-22 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-22 16:43 . 2010-05-23 08:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-21 19:30 . 2010-05-23 10:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-21 19:27 . 2010-05-23 09:56 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing 2010-05-20 19:06 . 2010-05-20 19:06 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2010-05-19 16:30 . 2004-08-03 20:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 20:59 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\i2omgmt.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\changer.sys 2010-05-08 14:39 . 2010-05-08 14:39 37192 ---ha-w- c:\windows\system32\mlfcache.dat 2010-05-08 14:35 . 2010-05-08 14:36 -------- d-----w- c:\program files\Safari 2010-05-05 15:54 . 2010-05-05 15:54 -------- d-----w- c:\program files\Namtuk . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-31 16:14 . 2009-05-27 18:16 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-05-26 19:53 . 2009-03-08 10:35 12914 ----a-w- c:\windows\system32\tablet.dat 2010-05-25 19:01 . 2001-08-23 17:15 3328 ----a-w- c:\windows\system32\drivers\pciide.sys 2010-05-23 08:37 . 2006-09-22 11:49 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-05-08 14:35 . 2007-11-15 18:50 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-05-02 18:43 . 2009-07-03 18:45 -------- d-----w- c:\program files\Replay Music 3 2010-05-02 18:26 . 2009-07-03 18:45 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL 2010-03-29 15:38 . 2006-09-15 12:24 75704 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 15:38 . 2006-09-15 12:24 468728 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-03-10 20:33 . 2010-03-10 20:33 300616 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-03-10 20:32 . 2010-03-10 20:32 329312 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-03-04 02:00 . 2010-03-04 02:00 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe . ((((((((((((((((((((((((((((( SnapShot@2010-05-25_21.15.21 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-26 22:00 . 2008-04-13 17:34 39424 c:\windows\LastGood.Tmp\system32\grpconv.exe + 2010-05-26 22:00 . 2008-04-13 10:20 182656 c:\windows\LastGood.Tmp\system32\drivers\ndis.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-01 7557120] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] c:\documents and settings\NadŠge\Menu D‚marrer\Programmes\D‚marrage\ Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-908\dslmon.exe [2008-3-24 962663] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588] TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2009-3-8 114688] Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\Nadège\\Mes documents\\Downloads\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1008000.029\SymEFA.sys [04/02/2010 18:12 310320] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [22/09/2006 13:56 7040] S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1008000.029\BHDrvx86.sys [04/02/2010 18:12 259632] S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1008000.029\cchpx86.sys [04/02/2010 18:12 482432] S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSXpx86.sys [18/05/2010 17:50 329592] S1 nayqfzfg;nayqfzfg;\??\c:\windows\system32\drivers\nayqfzfg.sys --> c:\windows\system32\drivers\nayqfzfg.sys [?] S2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [04/02/2010 18:12 117640] S3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [24/03/2008 15:20 117673] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27/08/2009 10:00 102448] S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [15/09/2009 20:12 21344] S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\wsaudiodevice_383.sys [26/06/2009 20:51 16640] . Contenu du dossier 'Tâches planifiées' 2010-04-29 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-05-26 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-05-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &MSN Search - c:\program files\MSN Toolbar Suite\msntb.dll/search.htm IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html . - - - - ORPHELINS SUPPRIMES - - - - AddRemove-Adobe_b2b4b1546e74314f8131ded43e4bd9d - c:\program files\Fichiers communs\Adobe\Installers\b2b4b1546e74314f8131ded43e4bd9d\Setup.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-31 18:15 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus] "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll\" /prefetch:1" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(228) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(1204) c:\progra~1\WINDOW~3\wmpband.dll c:\windows\system32\ieframe.dll . Heure de fin: 2010-05-31 18:20:51 ComboFix-quarantined-files.txt 2010-05-31 16:20 ComboFix2.txt 2010-05-26 21:05 ComboFix3.txt 2010-05-26 20:09 ComboFix4.txt 2010-05-26 19:29 ComboFix5.txt 2010-05-26 22:10 Avant-CF: 83 439 038 464 octets libres Après-CF: 83 389 890 560 octets libres - - End Of File - - 926A31B776B490C50963926C72132727

Et bien je vais le mettre dans mes favoris Je te souhaite une bonne journée et un bon week-end!

merci (hum "Apollo et compagnie".... quelque chose à voir avec toi?)

Ah je vois que tu aimes le défi lol Par contre je n'aurais pas d'accès à internet ce week-end (je peux pas embarquer le portable du boulot cette fois, dommage lol) donc je téléchargerais Combofix lundi pour avoir la dernière mise à jour. Et je ferais aussi un controle de température au cas où... Au fait, quels antivirus gratuit et payant tu me conseilles ?

Salut! le scan complet est ENFIN terminé (ça a "juste" pris +de 4h!). A la fin du scan, il n'y avait pas de petite icône, j'ai directement enregistré le rapport. J'ai redémarré et re-belotte, l'ordi redémarre sans cesse tout seul :/ Voici le rapport Dr Web : Av-test.txt;C:\DOCUME~1\NADGE~1\LOCALS~1\Temp;EICAR Test File (NOT a Virus!);Irréparable.Quarantaine.; {D978B602-089A-4ED8-8FF2-FB51E07468D2}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{05425D51-971;Trojan.PWS.GoldSpy.2268;; {D978B602-089A-4ED8-8FF2-FB51E07468D2}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{05425D51-971;Conteneur comporte des objets infectés;Quarantaine.; {5AAFD0ED-A6F0-4FD3-BD0D-281AFEC5053F}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{2E4D99E6-E22;Trojan.DownLoader1.8300;; {5AAFD0ED-A6F0-4FD3-BD0D-281AFEC5053F}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{2E4D99E6-E22;Conteneur comporte des objets infectés;Quarantaine.; {7F5918EA-AB7F-4E1B-AE2C-F651110FFDD3}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{2E4D99E6-E22;Trojan.DisableSR.10;; {7F5918EA-AB7F-4E1B-AE2C-F651110FFDD3}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{2E4D99E6-E22;Conteneur comporte des objets infectés;Quarantaine.; {9D40AE16-0B96-4B0E-A16E-BF07217E9C69}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{2E4D99E6-E22;Trojan.DisableSR.10;; {9D40AE16-0B96-4B0E-A16E-BF07217E9C69}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{2E4D99E6-E22;Conteneur comporte des objets infectés;Quarantaine.; {01A8B07C-D2F1-48DA-A3A1-7F19EA2F27C8}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {01A8B07C-D2F1-48DA-A3A1-7F19EA2F27C8}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {024DF305-8422-4B4E-84FB-3B6DF3ED4990}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {024DF305-8422-4B4E-84FB-3B6DF3ED4990}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {035113B5-9FF5-46D7-9260-471F97843024}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {035113B5-9FF5-46D7-9260-471F97843024}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {04D2409D-C74A-40C4-8690-35BA39F2E804}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {04D2409D-C74A-40C4-8690-35BA39F2E804}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {04DB0597-F787-4C15-A795-16D1F1325271}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {04DB0597-F787-4C15-A795-16D1F1325271}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {0925F2A5-3731-4F12-B783-E3A0CCD43C6F}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {0925F2A5-3731-4F12-B783-E3A0CCD43C6F}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {0A6C834D-17C3-4BD8-BE15-1D1C077F3828}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {0A6C834D-17C3-4BD8-BE15-1D1C077F3828}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {0CAD7148-7292-48DB-92F6-901C9964767F}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {0CAD7148-7292-48DB-92F6-901C9964767F}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {13EBAACA-EAE4-4BC1-B9D0-49E62E0E7F88}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {13EBAACA-EAE4-4BC1-B9D0-49E62E0E7F88}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {1B825CC1-208A-49D8-9BF0-28A36E149AB2}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {1B825CC1-208A-49D8-9BF0-28A36E149AB2}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {24459500-DF5C-45FF-85F9-BCC7A76607FB}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {24459500-DF5C-45FF-85F9-BCC7A76607FB}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {343EC139-F347-416A-B223-951B580DABC0}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {343EC139-F347-416A-B223-951B580DABC0}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {3770F8B4-D308-4794-A55B-60243A1C44F4}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {3770F8B4-D308-4794-A55B-60243A1C44F4}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {3A522270-A923-45CA-84E1-ACF6C7E5AE57}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {3A522270-A923-45CA-84E1-ACF6C7E5AE57}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {3CB43A68-1B17-4284-B568-1A9F9EF6E103}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {3CB43A68-1B17-4284-B568-1A9F9EF6E103}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {3E67A5DE-6838-4B31-8C7F-D627779C4C3C}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {3E67A5DE-6838-4B31-8C7F-D627779C4C3C}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {3E7603E7-60EC-4094-9EED-22D3A153FFC7}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {3E7603E7-60EC-4094-9EED-22D3A153FFC7}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {470F65C5-406E-4EAF-A80B-FCA56A4E1A0B}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {470F65C5-406E-4EAF-A80B-FCA56A4E1A0B}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {47884837-C9C9-4CB1-B951-1C853DAD5147}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {47884837-C9C9-4CB1-B951-1C853DAD5147}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {4D845D26-EBB9-42CA-AE05-1DE11DB0C4EB}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {4D845D26-EBB9-42CA-AE05-1DE11DB0C4EB}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {5055A7D6-3273-443A-8DAC-889601A8FA85}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {5055A7D6-3273-443A-8DAC-889601A8FA85}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {5683F670-5935-4AD5-9D6A-50962B944DBC}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {5683F670-5935-4AD5-9D6A-50962B944DBC}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {58BAE1AE-925F-42C5-9495-85214B74EF8C}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {58BAE1AE-925F-42C5-9495-85214B74EF8C}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {5BB69283-A6EE-42B0-952A-3EBE81E462F5}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {5BB69283-A6EE-42B0-952A-3EBE81E462F5}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {6188CE95-D39F-4C31-9EE8-0B672D4B3AD6}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {6188CE95-D39F-4C31-9EE8-0B672D4B3AD6}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {6285CBC5-3293-4E31-AD86-DC275CCC0E62}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {6285CBC5-3293-4E31-AD86-DC275CCC0E62}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {68A38243-E1AE-4971-B312-07D23307C4F7}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {68A38243-E1AE-4971-B312-07D23307C4F7}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {6F13AFB5-4508-48E8-A43E-EA3859F0EC50}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {6F13AFB5-4508-48E8-A43E-EA3859F0EC50}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {72CE3595-0386-4BEF-8CC8-00B596EF2891}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {72CE3595-0386-4BEF-8CC8-00B596EF2891}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {74B4E522-70FD-49CF-A34C-021CAB883D50}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {74B4E522-70FD-49CF-A34C-021CAB883D50}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {7E656713-7A5C-48EF-8696-13FEF62D5AF0}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {7E656713-7A5C-48EF-8696-13FEF62D5AF0}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {80E736B6-3078-4564-80AC-23CD6DCEDAA7}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {80E736B6-3078-4564-80AC-23CD6DCEDAA7}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {80F8057A-1FC4-4EEC-BF02-D550C8CF5A84}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {80F8057A-1FC4-4EEC-BF02-D550C8CF5A84}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {824749AB-174B-42AF-AF46-F6AEE2154A5A}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {824749AB-174B-42AF-AF46-F6AEE2154A5A}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {84CB6CB7-B4B1-4F2C-A629-B723FE513D58}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {84CB6CB7-B4B1-4F2C-A629-B723FE513D58}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {8CD759A3-C0B4-43BB-8FD2-F527C0097B18}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {8CD759A3-C0B4-43BB-8FD2-F527C0097B18}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {9BDA1426-3672-4913-AF73-CC02A62349DE}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {9BDA1426-3672-4913-AF73-CC02A62349DE}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {9CAE8AEB-F3E3-4E33-B8AE-FEBAF04B76FE}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {9CAE8AEB-F3E3-4E33-B8AE-FEBAF04B76FE}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {AFFAA708-5398-4055-A40A-653EBEC08985}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.MulDrop1.15398;; {AFFAA708-5398-4055-A40A-653EBEC08985}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {B4446E03-4B61-4757-851D-73D403919EFB}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {B4446E03-4B61-4757-851D-73D403919EFB}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {B5E819AF-52D4-4163-87D3-8F1FA3776C99}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {B5E819AF-52D4-4163-87D3-8F1FA3776C99}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {C3846B1C-1DE5-4525-AF47-FCCA1E5AC226}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {C3846B1C-1DE5-4525-AF47-FCCA1E5AC226}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {C9B86A06-64E4-4665-9E10-FD8DEB7BAE40}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {C9B86A06-64E4-4665-9E10-FD8DEB7BAE40}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {CA12C28F-21F2-4262-8A7F-15CC9FEBA0F6}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {CA12C28F-21F2-4262-8A7F-15CC9FEBA0F6}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {CFBAA88F-7EDA-4C25-8371-97B231B13412}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {CFBAA88F-7EDA-4C25-8371-97B231B13412}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {CFD25927-1F74-4556-AE5B-FBC11E4A1439}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {CFD25927-1F74-4556-AE5B-FBC11E4A1439}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {D512538A-9982-4174-9114-AE813280D885}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {D512538A-9982-4174-9114-AE813280D885}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {D9EAAFFF-E308-469C-9EB4-328A8CF22B85}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {D9EAAFFF-E308-469C-9EB4-328A8CF22B85}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {DA587E07-3268-4DB2-B57A-31CC6AC895F8}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {DA587E07-3268-4DB2-B57A-31CC6AC895F8}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {DEDEE1EF-B6BF-4706-8A77-0868D7B9EB38}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {DEDEE1EF-B6BF-4706-8A77-0868D7B9EB38}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {DF73CC66-93C8-4342-A237-7BEBE0EF4F58}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {DF73CC66-93C8-4342-A237-7BEBE0EF4F58}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {DFDE79AA-880D-42D4-8135-D65CD030AC9C}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {DFDE79AA-880D-42D4-8135-D65CD030AC9C}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {E8635945-0BEE-40B7-B6D7-3C5BDBDDA723}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {E8635945-0BEE-40B7-B6D7-3C5BDBDDA723}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {EAB142E3-9F82-41D9-9795-13EFD46020FA}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {EAB142E3-9F82-41D9-9795-13EFD46020FA}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {EC4ECB6F-F50E-466F-9D50-CD35239BD831}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {EC4ECB6F-F50E-466F-9D50-CD35239BD831}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {F9C6D206-5FCD-412C-B385-310A747F3FAE}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {F9C6D206-5FCD-412C-B385-310A747F3FAE}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {FBB795B1-5329-4CC5-8400-7C78AC5B370C}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Trojan.NtRootKit.6929;; {FBB795B1-5329-4CC5-8400-7C78AC5B370C}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{43B64A98-3A0;Conteneur comporte des objets infectés;Quarantaine.; {730D6B17-3B09-4C16-B209-24D8259CA325}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{5F94D3C9-192;Trojan.DisableSR.10;; {730D6B17-3B09-4C16-B209-24D8259CA325}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{5F94D3C9-192;Conteneur comporte des objets infectés;Quarantaine.; {9C858573-6FB2-4CFF-9846-EAC2E8F257C6}.qbd\data001;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{5F94D3C9-192;Trojan.DisableSR.10;; {9C858573-6FB2-4CFF-9846-EAC2E8F257C6}.qbd;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup\{5F94D3C9-192;Conteneur comporte des objets infectés;Quarantaine.; RegUBP2b-Nadège.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Supprimé.; Setup.exe\data004;C:\Program Files\Fichiers communs\Adobe\Installers\b2b4b1546e74314f8131ded43e4bd9d\Setup.exe;Trojan.KeyLogger.5996;; Setup.exe;C:\Program Files\Fichiers communs\Adobe\Installers\b2b4b1546e74314f8131ded43e4bd9d;Conteneur comporte des objets infectés;Quarantaine.; cooper.mine.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.HLLW.Okamai.7;Supprimé.; h7t.wt.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.HLLW.Okamai.5;Supprimé.; hgtd.ruy.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.HLLW.Okamai.5;Supprimé.; grpconv.exe.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32\wbem;Trojan.Botnetlog.158;Supprimé.; A0001327.sys;C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP6;BackDoor.Bulknet.417;Désinfecté.; A0003109.reg;C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP6;Trojan.StartPage.1505;Supprimé.; A0003110.exe\data004;C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP6\A0003110.exe;Trojan.KeyLogger.5996;; A0003110.exe;C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP6;Conteneur comporte des objets infectés;Quarantaine.; Vu l'heure, à demain surement lol

ok! je ferais ça demain car je pique du nez aussi a demain!

J'ai relancé Combofix, et à l'étape 3... l'ordi a redémarré, tout seul! c normal? non en fait il n'arrete pas de redémarrer si je le lance en mode normal!

Windows n'a rien dit! Par contre ça c'est passé très vite et il me semble qu'il était écrit 2 fois "1 fichier(s) copié(s)"... ou alors j'ai mal vu, c'est possible aussi

rooooh on dirait que mon ordi te lance un défi

oui oui j'approuve, vaut mieux 2 avis voici le rapport : ComboFix 10-05-26.01 - Nadège 26/05/2010 22:56:38.5.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.492 [GMT 2:00] Lancé depuis: c:\documents and settings\Nadège\Bureau\panpan.exe Commutateurs utilisés :: c:\documents and settings\Nadège\Bureau\CFScript.txt AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\grpconv.exe . . . manque!! . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-26 au 2010-05-26 )))))))))))))))))))))))))))))))))))) . 2010-05-24 12:21 . 2010-05-24 12:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-05-24 12:09 . 2010-05-24 12:09 -------- d--h--w- c:\windows\msdownld.tmp 2010-05-24 12:04 . 2010-05-24 12:09 -------- dc-h--w- c:\windows\ie8 2010-05-24 12:01 . 2010-05-24 12:04 -------- d-----w- c:\windows\system32\MpEngineStore 2010-05-22 19:15 . 2010-05-22 19:16 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP 2010-05-22 16:43 . 2010-05-22 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-22 16:43 . 2010-05-23 08:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-21 19:30 . 2010-05-23 10:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-21 19:27 . 2010-05-23 09:56 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing 2010-05-20 19:06 . 2010-05-20 19:06 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2010-05-19 16:30 . 2004-08-03 20:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 20:59 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\i2omgmt.sys 2010-05-19 16:30 . 2010-05-19 16:30 211072 -c--a-w- c:\windows\system32\dllcache\ndis.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\changer.sys 2010-05-08 14:39 . 2010-05-08 14:39 37192 ---ha-w- c:\windows\system32\mlfcache.dat 2010-05-08 14:35 . 2010-05-08 14:36 -------- d-----w- c:\program files\Safari 2010-05-05 15:54 . 2010-05-05 15:54 -------- d-----w- c:\program files\Namtuk . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-26 19:53 . 2009-03-08 10:35 12914 ----a-w- c:\windows\system32\tablet.dat 2010-05-25 19:01 . 2001-08-23 17:15 3328 ----a-w- c:\windows\system32\drivers\pciide.sys 2010-05-23 08:37 . 2006-09-22 11:49 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-05-08 14:35 . 2007-11-15 18:50 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-05-02 18:43 . 2009-07-03 18:45 -------- d-----w- c:\program files\Replay Music 3 2010-05-02 18:26 . 2009-07-03 18:45 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL 2010-03-29 15:38 . 2006-09-15 12:24 75704 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 15:38 . 2006-09-15 12:24 468728 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-03-10 20:33 . 2010-03-10 20:33 300616 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-03-10 20:32 . 2010-03-10 20:32 329312 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-03-04 02:00 . 2010-03-04 02:00 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe . ------- Sigcheck ------- [-] 2010-05-19 16:30 . 93B984ECAFF503D80C61E76A9959CEEA . 211072 . . [------] . . c:\windows\system32\dllcache\ndis.sys c:\windows\System32\drivers\ndis.sys ... manque !! . ((((((((((((((((((((((((((((( SnapShot@2010-05-25_21.15.21 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-26 19:54 . 2010-05-26 19:54 16384 c:\windows\Temp\Perflib_Perfdata_4dc.dat + 2010-05-26 19:52 . 2010-05-26 19:52 16384 c:\windows\Temp\Perflib_Perfdata_4a0.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-01 7557120] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] c:\documents and settings\NadŠge\Menu D‚marrer\Programmes\D‚marrage\ Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-908\dslmon.exe [2008-3-24 962663] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588] TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2009-3-8 114688] Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\Nadège\\Mes documents\\Downloads\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1008000.029\SymEFA.sys [04/02/2010 18:12 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1008000.029\BHDrvx86.sys [04/02/2010 18:12 259632] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1008000.029\cchpx86.sys [04/02/2010 18:12 482432] R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [04/02/2010 18:12 117640] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27/08/2009 10:00 102448] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [22/09/2006 13:56 7040] S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSXpx86.sys [18/05/2010 17:50 329592] S1 nayqfzfg;nayqfzfg;\??\c:\windows\system32\drivers\nayqfzfg.sys --> c:\windows\system32\drivers\nayqfzfg.sys [?] S3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [24/03/2008 15:20 117673] S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [15/09/2009 20:12 21344] S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\wsaudiodevice_383.sys [26/06/2009 20:51 16640] --- Autres Services/Pilotes en mémoire --- *Deregistered* - klmd23 . Contenu du dossier 'Tâches planifiées' 2010-04-29 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-05-26 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-05-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &MSN Search - c:\program files\MSN Toolbar Suite\msntb.dll/search.htm IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-26 23:02 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus] "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll\" /prefetch:1" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(308) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(1544) c:\progra~1\WINDOW~3\wmpband.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Heure de fin: 2010-05-26 23:05:06 ComboFix-quarantined-files.txt 2010-05-26 21:05 ComboFix2.txt 2010-05-26 20:09 ComboFix3.txt 2010-05-26 19:29 ComboFix4.txt 2010-05-26 18:58 Avant-CF: 82 496 716 800 octets libres Après-CF: 82 471 776 256 octets libres - - End Of File - - 26CB7FEDCDF1CD9DDEBA36CDBC4872E9

Et voilà! 22:27:57:078 3272 TDSS rootkit removing tool 2.3.1.0 May 25 2010 12:52:14 22:27:57:078 3272 ================================================================================ 22:27:57:078 3272 SystemInfo: 22:27:57:078 3272 OS Version: 5.1.2600 ServicePack: 2.0 22:27:57:078 3272 Product type: Workstation 22:27:57:078 3272 ComputerName: TOSH 22:27:57:078 3272 UserName: Nadège 22:27:57:078 3272 Windows directory: C:\WINDOWS 22:27:57:078 3272 Processor architecture: Intel x86 22:27:57:078 3272 Number of processors: 2 22:27:57:078 3272 Page size: 0x1000 22:27:57:078 3272 Boot type: Normal boot 22:27:57:078 3272 ================================================================================ 22:27:57:906 3272 Initialize success 22:27:57:906 3272 22:27:57:906 3272 Scanning Services ... 22:27:59:468 3272 Raw services enum returned 378 services 22:27:59:468 3272 22:27:59:468 3272 Scanning Drivers ... 22:28:01:062 3272 ACPI (0bd94fbfc14ea3606cd6ca4c0255baa3) C:\WINDOWS\system32\DRIVERS\ACPI.sys 22:28:01:140 3272 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 22:28:01:203 3272 ADILOADER (6278ab04aae16c1438f3c4d34706c3b7) C:\WINDOWS\system32\Drivers\adildr.sys 22:28:01:312 3272 adiusbae (bdab1cd900c9130f79132a1a29328aaa) C:\WINDOWS\system32\DRIVERS\adiusbae.sys 22:28:01:437 3272 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys 22:28:01:500 3272 AegisP (15e655baa989444f56787ef558823643) C:\WINDOWS\system32\DRIVERS\AegisP.sys 22:28:01:562 3272 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys 22:28:01:718 3272 AgereSoftModem (c41a5740468d0b9cb46e6390a0e15ce3) C:\WINDOWS\system32\DRIVERS\AGRSM.sys 22:28:02:203 3272 AR5211 (65b963f05458a7ee00473eb21ce3789d) C:\WINDOWS\system32\DRIVERS\ar5211.sys 22:28:02:265 3272 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 22:28:02:328 3272 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 22:28:02:375 3272 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys 22:28:02:546 3272 ati2mtag (221f0a33229cce7bf2f7640d3bb8845d) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 22:28:02:609 3272 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 22:28:02:734 3272 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 22:28:02:750 3272 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 22:28:02:890 3272 BHDrvx86 (76154fa6a742c613b44bb636b1a7c057) C:\WINDOWS\System32\Drivers\NAV\1008000.029\BHDrvx86.sys 22:28:03:328 3272 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 22:28:03:484 3272 ccHP (8973ff34b83572d867b5b928905ad5ac) C:\WINDOWS\System32\Drivers\NAV\1008000.029\ccHPx86.sys 22:28:03:562 3272 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 22:28:03:593 3272 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys 22:28:03:687 3272 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys 22:28:03:765 3272 Changer (daf1a8193b6caf0fb858cadcc5c4af4a) C:\WINDOWS\system32\drivers\Changer.sys 22:28:03:843 3272 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 22:28:03:906 3272 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys 22:28:03:968 3272 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys 22:28:04:015 3272 DLABOIOM (ee4325becef51b8c32b4329097e4f301) C:\WINDOWS\system32\DLA\DLABOIOM.SYS 22:28:04:046 3272 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS 22:28:04:078 3272 DLADResN (1519522fd0cc96e84bd0eaf585cdbf65) C:\WINDOWS\system32\DLA\DLADResN.SYS 22:28:04:125 3272 DLAIFS_M (752376e109a090970bfa9722f0f40b03) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS 22:28:04:343 3272 DLAOPIOM (62ee7902e74b90bf1ccc4643fc6c07a7) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS 22:28:04:375 3272 DLAPoolM (5c220124c5afeaee84a9bb89d685c17b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS 22:28:04:421 3272 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS 22:28:04:453 3272 DLAUDFAM (4ebb78d9bbf072119363b35b9b3e518f) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS 22:28:04:484 3272 DLAUDF_M (333b770e52d2cea7bd86391120466e43) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS 22:28:04:562 3272 dmboot (e2d3b7620310fe56685f9b15a6b404b3) C:\WINDOWS\system32\drivers\dmboot.sys 22:28:04:656 3272 dmio (c77f5c20aa70197a69aa84baa9de43c8) C:\WINDOWS\system32\drivers\dmio.sys 22:28:04:671 3272 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 22:28:04:687 3272 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys 22:28:04:734 3272 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys 22:28:04:765 3272 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS 22:28:04:781 3272 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS 22:28:04:812 3272 E100B (83403675cab29e7a4b885b11e7c855d8) C:\WINDOWS\system32\DRIVERS\e100b325.sys 22:28:05:140 3272 eeCtrl (96bcd90ed9235a21629effde5e941fb1) C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys 22:28:05:187 3272 EraserUtilRebootDrv (392c86f6b45c0bc696c32c27f51e749f) C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 22:28:05:500 3272 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys 22:28:05:593 3272 fbxusb (504e93682655a7b3af1fb5bff3f44322) C:\WINDOWS\system32\DRIVERS\fbxusb32.sys 22:28:05:656 3272 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys 22:28:05:671 3272 Fips (8b121ff880683607ab2aef0340721718) C:\WINDOWS\system32\drivers\Fips.sys 22:28:05:703 3272 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys 22:28:05:781 3272 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 22:28:05:875 3272 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:28:05:906 3272 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 22:28:05:953 3272 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 22:28:06:015 3272 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys 22:28:06:234 3272 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 22:28:06:328 3272 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys 22:28:06:453 3272 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys 22:28:06:531 3272 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys 22:28:06:609 3272 i8042prt (d1efcbd693b5ba21314d06368c471070) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 22:28:06:687 3272 ialm (0f0194c4b635c10c3f785e4fee52d641) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 22:28:07:046 3272 IDSxpx86 (6e42876010256ee5119baf0838574e0c) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100513.002\IDSxpx86.sys 22:28:07:343 3272 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys 22:28:07:687 3272 IntcAzAudAddService (7c09d605fcae64e3cb11ebf90fb1e3a1) C:\WINDOWS\system32\drivers\RtkHDAud.sys 22:28:07:843 3272 intelppm (dd5ad1e79ac26d3f8d8828ad4627f160) C:\WINDOWS\system32\DRIVERS\intelppm.sys 22:28:07:875 3272 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 22:28:08:125 3272 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:28:08:375 3272 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys 22:28:08:531 3272 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys 22:28:08:562 3272 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys 22:28:08:609 3272 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys 22:28:08:656 3272 isapnp (54632f1a7de61dc3615d756f2a90fa72) C:\WINDOWS\system32\DRIVERS\isapnp.sys 22:28:08:671 3272 Kbdclass (e798705e8dc7fab596ef6bfdf167e007) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 22:28:08:687 3272 kbdhid (62dd5eefcec4ef4163f1168d4262a9e4) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 22:28:08:750 3272 klmd23 (0b06b0a25e08df0d536402bce3bde61e) C:\WINDOWS\system32\drivers\klmd.sys 22:28:08:796 3272 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys 22:28:08:859 3272 KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys 22:28:09:171 3272 lbrtfdc (cc50a66548c2f285bc8a7b0b8aa578e3) C:\WINDOWS\system32\drivers\lbrtfdc.sys 22:28:09:218 3272 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 22:28:09:281 3272 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 22:28:09:343 3272 Modem (5ac7e16f5b40a6da14b5f2b3ada4693e) C:\WINDOWS\system32\drivers\Modem.sys 22:28:09:359 3272 Mouclass (7d4f19411bd941e1d432a99e24230386) C:\WINDOWS\system32\DRIVERS\mouclass.sys 22:28:09:421 3272 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 22:28:09:484 3272 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys 22:28:09:578 3272 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 22:28:09:671 3272 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:28:09:750 3272 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys 22:28:10:000 3272 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys 22:28:10:046 3272 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 22:28:10:078 3272 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys 22:28:10:093 3272 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 22:28:10:109 3272 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys 22:28:10:453 3272 NAVENG (83518e6cc82bdc3c3db0c12d1c9a2275) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100523.004\NAVENG.SYS 22:28:10:593 3272 NAVEX15 (85cf37740fe06c7a2eaa7f6c81f0819c) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100523.004\NAVEX15.SYS 22:28:11:062 3272 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:28:11:109 3272 Ndisuio (eefa1ce63805d2145978621be5c6d955) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 22:28:11:484 3272 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:28:11:562 3272 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys 22:28:11:953 3272 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys 22:28:12:140 3272 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys 22:28:12:156 3272 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys 22:28:12:312 3272 NETw3x32 (50f5de54e1d1646c02078f3eddc15a8e) C:\WINDOWS\system32\DRIVERS\NETw3x32.sys 22:28:12:421 3272 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys 22:28:12:453 3272 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys 22:28:12:500 3272 NSNDIS5 (53f7546e8daefb3a0813f5e19c4613c9) C:\WINDOWS\system32\NSNDIS5.SYS 22:28:12:890 3272 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys 22:28:13:187 3272 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 22:28:13:421 3272 nv (ac5267c71f72fb42511ed5790ba0e9f5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 22:28:13:562 3272 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 22:28:13:578 3272 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 22:28:13:875 3272 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 22:28:13:937 3272 Parport (318696359ac7df48d1e51974ec527dd2) C:\WINDOWS\system32\drivers\Parport.sys 22:28:13:984 3272 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys 22:28:14:031 3272 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 22:28:14:078 3272 PCI (7c5da5c1ed801ad8b0309d5514f0b75e) C:\WINDOWS\system32\DRIVERS\pci.sys 22:28:14:125 3272 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 22:28:14:140 3272 Pcmcia (641da274e163617ea7a33506bc6da8e3) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 22:28:14:187 3272 PenClass (4a108cc9cc0e0605e68cce7021479879) C:\WINDOWS\system32\Drivers\PenClass.sys 22:28:14:296 3272 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:28:14:343 3272 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys 22:28:14:375 3272 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 22:28:14:406 3272 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys 22:28:14:484 3272 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:28:14:515 3272 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:28:14:531 3272 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:28:14:546 3272 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 22:28:14:578 3272 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:28:14:625 3272 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:28:14:671 3272 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 22:28:15:015 3272 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys 22:28:15:062 3272 redbook (2cc30b68dd62b73d444a41322cd7fc4c) C:\WINDOWS\system32\DRIVERS\redbook.sys 22:28:15:140 3272 s24trans (2862adb14481ac28f98105ff33a99eb0) C:\WINDOWS\system32\DRIVERS\s24trans.sys 22:28:15:218 3272 sdbus (a1ab8355ecf5ace3f2d5a47fc8a231e9) C:\WINDOWS\system32\DRIVERS\sdbus.sys 22:28:15:296 3272 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 22:28:15:359 3272 Serial (653201755ca96ab4aaa4131daf6da356) C:\WINDOWS\system32\drivers\Serial.sys 22:28:15:390 3272 sffdisk (6d669b3532b54c5ffafca6d80aea260a) C:\WINDOWS\system32\DRIVERS\sffdisk.sys 22:28:15:421 3272 sffp_sd (9a1cb664621383746c9e2ae350cb02db) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 22:28:15:437 3272 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys 22:28:15:531 3272 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys 22:28:15:593 3272 sr (b52181023b827acda36c1b76751ebffd) C:\WINDOWS\system32\DRIVERS\sr.sys 22:28:15:734 3272 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\WINDOWS\System32\Drivers\NAV\1008000.029\SRTSP.SYS 22:28:16:062 3272 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\WINDOWS\system32\drivers\NAV\1008000.029\SRTSPX.SYS 22:28:16:140 3272 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys 22:28:16:250 3272 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys 22:28:16:281 3272 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys 22:28:16:390 3272 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\WINDOWS\system32\drivers\NAV\1008000.029\SYMEFA.SYS 22:28:16:500 3272 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 22:28:16:640 3272 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS 22:28:16:953 3272 SYMIDS (7a20b7d774ef0f16cf81b898bfeca772) C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS 22:28:17:031 3272 SymIM (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys 22:28:17:031 3272 SymIMMP (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys 22:28:17:062 3272 SYMNDIS (5ab7d00ea6b7a6fcd5067c632ec6f039) C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS 22:28:17:140 3272 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMTDI.SYS 22:28:17:234 3272 SynTP (a6cc8c28d5aad4179ef32f05bed55e91) C:\WINDOWS\system32\DRIVERS\SynTP.sys 22:28:17:296 3272 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys 22:28:17:390 3272 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:28:17:437 3272 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys 22:28:17:484 3272 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys 22:28:17:546 3272 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys 22:28:17:578 3272 tifm21 (244cfbffdefb77f3df571a8cd108fc06) C:\WINDOWS\system32\drivers\tifm21.sys 22:28:17:640 3272 tosrfec (cc069342ee0eae55b32a0ae99cf6185c) C:\WINDOWS\system32\DRIVERS\tosrfec.sys 22:28:17:656 3272 TVALD (676db15ddf2e0ff6ec03068dea428b8b) C:\WINDOWS\system32\DRIVERS\NBSMI.sys 22:28:17:937 3272 Tvs (546dfba6486569120d33f7ad6e94efdd) C:\WINDOWS\system32\DRIVERS\Tvs.sys 22:28:18:062 3272 Udfs (7cef3e36843bf5dd55120fcce88800ce) C:\WINDOWS\system32\drivers\Udfs.sys 22:28:18:171 3272 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys 22:28:18:265 3272 USBAAPL (60a68a5ea173a97971ee9f1ff49eb2b3) C:\WINDOWS\system32\Drivers\usbaapl.sys 22:28:18:312 3272 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys 22:28:18:359 3272 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys 22:28:18:390 3272 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys 22:28:18:703 3272 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 22:28:19:062 3272 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 22:28:19:187 3272 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys 22:28:19:250 3272 VolSnap (313b1a0d5db26dfe1c34a6c13b2ce0a7) C:\WINDOWS\system32\drivers\VolSnap.sys 22:28:19:281 3272 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:28:19:359 3272 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys 22:28:19:453 3272 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 22:28:19:546 3272 WsAudioDevice_383 (85ece26f326c2d07ba77a60343468272) C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys 22:28:19:640 3272 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 22:28:19:843 3272 WUDFRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:28:20:031 3272 X10Hid (81e8da36ce70858898d5eb81e28a47d2) C:\WINDOWS\system32\Drivers\x10hid.sys 22:28:20:046 3272 22:28:20:046 3272 Completed 22:28:20:046 3272 22:28:20:046 3272 Results: 22:28:20:046 3272 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 22:28:20:046 3272 File objects infected / cured / cured on reboot: 0 / 0 / 0 22:28:20:046 3272 22:28:20:046 3272 KLMD(ARK) unloaded successfully

ComboFix 10-05-26.01 - Nadège 26/05/2010 21:57:32.4.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.458 [GMT 2:00] Lancé depuis: c:\documents and settings\Nadège\Bureau\panpan.exe AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\grpconv.exe . . . manque!! . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-26 au 2010-05-26 )))))))))))))))))))))))))))))))))))) . 2010-05-24 12:21 . 2010-05-24 12:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-05-24 12:09 . 2010-05-24 12:09 -------- d--h--w- c:\windows\msdownld.tmp 2010-05-24 12:04 . 2010-05-24 12:09 -------- dc-h--w- c:\windows\ie8 2010-05-24 12:01 . 2010-05-24 12:04 -------- d-----w- c:\windows\system32\MpEngineStore 2010-05-22 19:15 . 2010-05-22 19:16 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP 2010-05-22 16:43 . 2010-05-22 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-22 16:43 . 2010-05-23 08:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-21 19:30 . 2010-05-23 10:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-21 19:27 . 2010-05-23 09:56 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing 2010-05-20 19:06 . 2010-05-20 19:06 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2010-05-19 16:30 . 2004-08-03 20:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 20:59 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\i2omgmt.sys 2010-05-19 16:30 . 2010-05-19 16:30 211072 -c--a-w- c:\windows\system32\dllcache\ndis.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\changer.sys 2010-05-08 14:39 . 2010-05-08 14:39 37192 ---ha-w- c:\windows\system32\mlfcache.dat 2010-05-08 14:35 . 2010-05-08 14:36 -------- d-----w- c:\program files\Safari 2010-05-05 15:54 . 2010-05-05 15:54 -------- d-----w- c:\program files\Namtuk . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-26 19:53 . 2009-03-08 10:35 12914 ----a-w- c:\windows\system32\tablet.dat 2010-05-25 19:01 . 2001-08-23 17:15 3328 ----a-w- c:\windows\system32\drivers\pciide.sys 2010-05-23 08:37 . 2006-09-22 11:49 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-05-08 14:35 . 2007-11-15 18:50 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-05-02 18:43 . 2009-07-03 18:45 -------- d-----w- c:\program files\Replay Music 3 2010-05-02 18:26 . 2009-07-03 18:45 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL 2010-03-29 15:38 . 2006-09-15 12:24 75704 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 15:38 . 2006-09-15 12:24 468728 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-03-10 20:33 . 2010-03-10 20:33 300616 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-03-10 20:32 . 2010-03-10 20:32 329312 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-03-04 02:00 . 2010-03-04 02:00 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe . ------- Sigcheck ------- [-] 2010-05-19 16:30 . 93B984ECAFF503D80C61E76A9959CEEA . 211072 . . [------] . . c:\windows\system32\dllcache\ndis.sys c:\windows\System32\drivers\ndis.sys ... manque !! . ((((((((((((((((((((((((((((( SnapShot@2010-05-25_21.15.21 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-26 19:54 . 2010-05-26 19:54 16384 c:\windows\Temp\Perflib_Perfdata_4dc.dat + 2010-05-26 19:52 . 2010-05-26 19:52 16384 c:\windows\Temp\Perflib_Perfdata_4a0.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-01 7557120] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] c:\documents and settings\NadŠge\Menu D‚marrer\Programmes\D‚marrage\ Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-908\dslmon.exe [2008-3-24 962663] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588] TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2009-3-8 114688] Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\Nadège\\Mes documents\\Downloads\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1008000.029\SymEFA.sys [04/02/2010 18:12 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1008000.029\BHDrvx86.sys [04/02/2010 18:12 259632] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1008000.029\cchpx86.sys [04/02/2010 18:12 482432] R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [04/02/2010 18:12 117640] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27/08/2009 10:00 102448] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [22/09/2006 13:56 7040] S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSXpx86.sys [18/05/2010 17:50 329592] S1 nayqfzfg;nayqfzfg;\??\c:\windows\system32\drivers\nayqfzfg.sys --> c:\windows\system32\drivers\nayqfzfg.sys [?] S3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [24/03/2008 15:20 117673] S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [15/09/2009 20:12 21344] S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\wsaudiodevice_383.sys [26/06/2009 20:51 16640] . Contenu du dossier 'Tâches planifiées' 2010-04-29 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-05-26 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-05-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &MSN Search - c:\program files\MSN Toolbar Suite\msntb.dll/search.htm IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-26 22:05 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus] "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll\" /prefetch:1" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(308) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3180) c:\progra~1\WINDOW~3\wmpband.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Heure de fin: 2010-05-26 22:09:06 ComboFix-quarantined-files.txt 2010-05-26 20:09 ComboFix2.txt 2010-05-26 19:29 ComboFix3.txt 2010-05-26 18:58 Avant-CF: 82 527 608 832 octets libres Après-CF: 82 474 561 536 octets libres - - End Of File - - C664C96CA0A47C2CA9DBC5101956877D

J'ai fait la manip mais je n'ai pas eu de rapport nommé CF_RC.txt Par contre j'ai eu un rapport Combofix.txt ComboFix 10-05-26.01 - Nadège 26/05/2010 21:23:02.3.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.506 [GMT 2:00] Lancé depuis: c:\documents and settings\Nadège\Bureau\panpan.exe Commutateurs utilisés :: c:\documents and settings\Nadège\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Fichiers communs\Real\Update_OB\lang\rpsearch_fr.dll c:\program files\Real\RealPlayer\converter\rnuninst_fr.dll c:\program files\Real\RealPlayer\lang\cdplay_fr.dll c:\program files\Real\RealPlayer\lang\dbcomp_fr.dll c:\program files\Real\RealPlayer\lang\embed_fr.dll c:\program files\Real\RealPlayer\lang\gemctl_fr.dll c:\program files\Real\RealPlayer\lang\mydevices_fr.dll c:\program files\Real\RealPlayer\lang\pngui_fr.dll c:\program files\Real\RealPlayer\lang\rjctl_fr.dll c:\program files\Real\RealPlayer\lang\rjdlg_fr.dll c:\program files\Real\RealPlayer\lang\rjeq_fr.dll c:\program files\Real\RealPlayer\lang\rjfade_fr.dll c:\program files\Real\RealPlayer\lang\rjmisc_fr.dll c:\program files\Real\RealPlayer\lang\rjprog_fr.dll c:\program files\Real\RealPlayer\lang\rjres_fr.dll c:\program files\Real\RealPlayer\lang\rjskin_fr.dll c:\program files\Real\RealPlayer\lang\rjviz_fr.dll c:\program files\Real\RealPlayer\lang\rjwma_fr.dll c:\program files\Real\RealPlayer\lang\rnuninst_fr.dll c:\program files\Real\RealPlayer\lang\rpapp_fr.dll c:\program files\Real\RealPlayer\lang\rpbgr_fr.dll c:\program files\Real\RealPlayer\lang\rpbrp_fr.dll c:\program files\Real\RealPlayer\lang\rpclsvc_fr.dll c:\program files\Real\RealPlayer\lang\rpclutil_fr.dll c:\program files\Real\RealPlayer\lang\rpdemand_fr.dll c:\program files\Real\RealPlayer\lang\rpdsplyr_fr.dll c:\program files\Real\RealPlayer\lang\rpext_fr.dll c:\program files\Real\RealPlayer\lang\rpgutil_fr.dll c:\program files\Real\RealPlayer\lang\rpmnpane_fr.dll c:\program files\Real\RealPlayer\lang\rpplylst_fr.dll c:\program files\Real\RealPlayer\lang\rpsearch_fr.dll c:\program files\Real\RealPlayer\lang\rpwebctl_fr.dll c:\program files\Real\RealPlayer\lang\systray_fr.dll c:\program files\Real\RealPlayer\lang\tcdinfo_fr.dll c:\program files\Real\RealPlayer\lang\tclsvc_fr.dll c:\program files\Real\RealPlayer\lang\tdwnmgr_fr.dll c:\program files\Real\RealPlayer\lang\tearm_fr.dll c:\program files\Real\RealPlayer\lang\teasdk_fr.dll c:\program files\Real\RealPlayer\lang\tmdedit_fr.dll c:\program files\Real\RealPlayer\lang\tmp3_fr.dll c:\program files\Real\RealPlayer\lang\twave_fr.dll c:\program files\Real\RealPlayer\lang\upgrdhlp_fr.dll c:\program files\Real\RealPlayer\lang\upgrdlib_fr.dll c:\windows\system32\grpconv.exe . . . manque!! . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-26 au 2010-05-26 )))))))))))))))))))))))))))))))))))) . 2010-05-24 12:21 . 2010-05-24 12:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-05-24 12:09 . 2010-05-24 12:09 -------- d--h--w- c:\windows\msdownld.tmp 2010-05-24 12:04 . 2010-05-24 12:09 -------- dc-h--w- c:\windows\ie8 2010-05-24 12:01 . 2010-05-24 12:04 -------- d-----w- c:\windows\system32\MpEngineStore 2010-05-22 19:15 . 2010-05-22 19:16 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP 2010-05-22 16:43 . 2010-05-22 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-22 16:43 . 2010-05-23 08:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-21 19:30 . 2010-05-23 10:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-21 19:27 . 2010-05-23 09:56 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing 2010-05-20 19:06 . 2010-05-20 19:06 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2010-05-19 16:30 . 2004-08-03 20:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 20:59 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\i2omgmt.sys 2010-05-19 16:30 . 2010-05-19 16:30 211072 -c--a-w- c:\windows\system32\dllcache\ndis.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\changer.sys 2010-05-08 14:39 . 2010-05-08 14:39 37192 ---ha-w- c:\windows\system32\mlfcache.dat 2010-05-08 14:35 . 2010-05-08 14:36 -------- d-----w- c:\program files\Safari 2010-05-05 15:54 . 2010-05-05 15:54 -------- d-----w- c:\program files\Namtuk . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-26 17:59 . 2009-03-08 10:35 12914 ----a-w- c:\windows\system32\tablet.dat 2010-05-25 19:01 . 2001-08-23 17:15 3328 ----a-w- c:\windows\system32\drivers\pciide.sys 2010-05-23 08:37 . 2006-09-22 11:49 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-05-08 14:35 . 2007-11-15 18:50 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-05-02 18:43 . 2009-07-03 18:45 -------- d-----w- c:\program files\Replay Music 3 2010-05-02 18:26 . 2009-07-03 18:45 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL 2010-03-29 15:38 . 2006-09-15 12:24 75704 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 15:38 . 2006-09-15 12:24 468728 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-03-10 20:33 . 2010-03-10 20:33 300616 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-03-10 20:32 . 2010-03-10 20:32 329312 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-03-04 02:00 . 2010-03-04 02:00 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe . ------- Sigcheck ------- [-] 2010-05-19 16:30 . 93B984ECAFF503D80C61E76A9959CEEA . 211072 . . [------] . . c:\windows\system32\dllcache\ndis.sys c:\windows\System32\drivers\ndis.sys ... manque !! . ((((((((((((((((((((((((((((( SnapShot@2010-05-25_21.15.21 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-26 17:59 . 2010-05-26 17:59 16384 c:\windows\Temp\Perflib_Perfdata_60c.dat + 2010-05-26 17:58 . 2010-05-26 17:58 16384 c:\windows\Temp\Perflib_Perfdata_590.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-01 7557120] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] c:\documents and settings\NadŠge\Menu D‚marrer\Programmes\D‚marrage\ Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-908\dslmon.exe [2008-3-24 962663] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588] TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2009-3-8 114688] Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\Nadège\\Mes documents\\Downloads\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1008000.029\SymEFA.sys [04/02/2010 18:12 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1008000.029\BHDrvx86.sys [04/02/2010 18:12 259632] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1008000.029\cchpx86.sys [04/02/2010 18:12 482432] R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [04/02/2010 18:12 117640] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27/08/2009 10:00 102448] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [22/09/2006 13:56 7040] S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSXpx86.sys [18/05/2010 17:50 329592] S1 nayqfzfg;nayqfzfg;\??\c:\windows\system32\drivers\nayqfzfg.sys --> c:\windows\system32\drivers\nayqfzfg.sys [?] S3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [24/03/2008 15:20 117673] S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [15/09/2009 20:12 21344] S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\wsaudiodevice_383.sys [26/06/2009 20:51 16640] . Contenu du dossier 'Tâches planifiées' 2010-04-29 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-05-26 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-05-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &MSN Search - c:\program files\MSN Toolbar Suite\msntb.dll/search.htm IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-26 21:27 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus] "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll\" /prefetch:1" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(304) c:\windows\system32\Ati2evxx.dll . Heure de fin: 2010-05-26 21:29:45 ComboFix-quarantined-files.txt 2010-05-26 19:29 ComboFix2.txt 2010-05-26 18:58 Avant-CF: 82 528 550 912 octets libres Après-CF: 82 500 521 984 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect - - End Of File - - 1C4DED162202243BE0803E43CCD4AD59

Et ben, ce fut rapide cette fois! voici le rapport : ComboFix 10-05-26.01 - Nadège 26/05/2010 20:48:15.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.547 [GMT 2:00] Lancé depuis: c:\documents and settings\Nadège\Bureau\panpan.exe AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} * Un nouveau point de restauration a été créé AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Exécution préalable ------- . c:\docume~1\NADGE~1\LOCALS~1\Temp\install_flash_player.exe c:\windows\system32\cooper.mine c:\windows\system32\h7t.wt c:\windows\system32\hgtd.ruy c:\windows\system32\nmklo.dll c:\windows\system32\wbem\grpconv.exe c:\windows\system32\zh9qide.log -- Exécution préalable -- c:\windows\system32\grpconv.exe . . . manque!! -------- c:\windows\system32\grpconv.exe . . . manque!! . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-26 au 2010-05-26 )))))))))))))))))))))))))))))))))))) . 2010-05-24 12:21 . 2010-05-24 12:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-05-24 12:09 . 2010-05-24 12:09 -------- d--h--w- c:\windows\msdownld.tmp 2010-05-24 12:04 . 2010-05-24 12:09 -------- dc-h--w- c:\windows\ie8 2010-05-24 12:01 . 2010-05-24 12:04 -------- d-----w- c:\windows\system32\MpEngineStore 2010-05-22 19:15 . 2010-05-22 19:16 -------- d-----w- c:\windows\61D3AAE1D5214CD7939B37813DE8F955.TMP 2010-05-22 16:43 . 2010-05-22 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-22 16:43 . 2010-05-23 08:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-21 19:30 . 2010-05-23 10:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-21 19:27 . 2010-05-23 09:56 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing 2010-05-20 19:06 . 2010-05-20 19:06 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2010-05-19 16:30 . 2004-08-03 20:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 20:59 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\i2omgmt.sys 2010-05-19 16:30 . 2010-05-19 16:30 211072 -c--a-w- c:\windows\system32\dllcache\ndis.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2010-05-19 16:30 . 2004-08-03 21:00 8192 ----a-w- c:\windows\system32\drivers\changer.sys 2010-05-08 14:39 . 2010-05-08 14:39 37192 ---ha-w- c:\windows\system32\mlfcache.dat 2010-05-08 14:35 . 2010-05-08 14:36 -------- d-----w- c:\program files\Safari 2010-05-05 15:54 . 2010-05-05 15:54 -------- d-----w- c:\program files\Namtuk . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-26 17:59 . 2009-03-08 10:35 12914 ----a-w- c:\windows\system32\tablet.dat 2010-05-25 19:01 . 2001-08-23 17:15 3328 ----a-w- c:\windows\system32\drivers\pciide.sys 2010-05-23 08:37 . 2006-09-22 11:49 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-05-08 14:35 . 2007-11-15 18:50 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-05-02 18:43 . 2009-07-03 18:45 -------- d-----w- c:\program files\Replay Music 3 2010-05-02 18:26 . 2009-07-03 18:45 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL 2010-03-29 15:38 . 2006-09-15 12:24 75704 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 15:38 . 2006-09-15 12:24 468728 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-03-10 20:33 . 2010-03-10 20:33 300616 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-03-10 20:33 . 2010-03-10 20:33 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-03-10 20:32 . 2010-03-10 20:32 329312 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-03-04 02:00 . 2010-03-04 02:00 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe . ------- Sigcheck ------- [-] 2010-05-19 16:30 . 93B984ECAFF503D80C61E76A9959CEEA . 211072 . . [------] . . c:\windows\system32\dllcache\ndis.sys c:\windows\System32\drivers\ndis.sys ... manque !! . ((((((((((((((((((((((((((((( SnapShot@2010-05-25_21.15.21 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-26 17:59 . 2010-05-26 17:59 16384 c:\windows\Temp\Perflib_Perfdata_60c.dat + 2010-05-26 17:58 . 2010-05-26 17:58 16384 c:\windows\Temp\Perflib_Perfdata_590.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-01 7557120] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] c:\documents and settings\NadŠge\Menu D‚marrer\Programmes\D‚marrage\ Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-908\dslmon.exe [2008-3-24 962663] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588] TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2009-3-8 114688] Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\Nadège\\Mes documents\\Downloads\\utorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1008000.029\SymEFA.sys [04/02/2010 18:12 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1008000.029\BHDrvx86.sys [04/02/2010 18:12 259632] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1008000.029\cchpx86.sys [04/02/2010 18:12 482432] R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [04/02/2010 18:12 117640] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27/08/2009 10:00 102448] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [22/09/2006 13:56 7040] S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSXpx86.sys [18/05/2010 17:50 329592] S1 nayqfzfg;nayqfzfg;\??\c:\windows\system32\drivers\nayqfzfg.sys --> c:\windows\system32\drivers\nayqfzfg.sys [?] S3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [24/03/2008 15:20 117673] S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [15/09/2009 20:12 21344] S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\wsaudiodevice_383.sys [26/06/2009 20:51 16640] . Contenu du dossier 'Tâches planifiées' 2010-04-29 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-05-26 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] 2010-05-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2054951153-2501660682-707765859-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &MSN Search - c:\program files\MSN Toolbar Suite\msntb.dll/search.htm IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html . - - - - ORPHELINS SUPPRIMES - - - - AddRemove-HijackThis - E:\HijackThis.exe AddRemove-Streamripper - c:\program files\Streamripper\Uninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-26 20:54 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus] "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll\" /prefetch:1" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(304) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(2320) c:\progra~1\WINDOW~3\wmpband.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Heure de fin: 2010-05-26 20:58:01 ComboFix-quarantined-files.txt 2010-05-26 18:57 Avant-CF: 82 566 098 944 octets libres Après-CF: 82 517 245 952 octets libres - - End Of File - - BDF26099CC1FAA0C8F68C74E394D476E

Salut, Euh, pour le nettoyage c'est pas gagné, sur mon portable il n'y a pas de trappe d'accès rapide au ventilateur... Mais je m'y attaquerai quand même plus tard Pour en revenir à Combofix, j'ai redémarré l'ordinateur sans problème (apparemment) suite à la coupure d'hier soir. Que dois-je faire? faire le cliquer-déposer du package sur CF puis relancer CF?

Bon ben j'attendais le rapport (il était en cours) quand soudain... l'ordi s'est éteint! je pense qu'il n'a surchauffé! arghh! Je vais devoir refaire toute la manip en le rallumant ?