Everything posted by gaele

  1. Yes, AVG is the free version :/ and yes, I absolutely want to change antivirus!!!!!! First step, "Relaunch HijackThis with Do a system scan only", closing all the applications and finishing with Fix checked: done! However, for the next part, I did copy the text into Notepad on the desktop, naming it CleanReg.reg, but when I double-click it nothing happens!!!! What does "choosing All files in the Type field" mean???? It's a computer bought in Thailand, so everything is in English! Is it when I save that I have to choose All files as the type, or when I open it? For info, I'm on XP and not Vista! I'll try again while waiting for your reply....
  2. AD uninstalled! Here is the new HijackThis log. So what do you think?

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 18:46:57, on 08/06/2010
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\AVG\AVG9\avgchsvx.exe
     C:\Program Files\AVG\AVG9\avgrsx.exe
     C:\Program Files\AVG\AVG9\avgwdsvc.exe
     C:\Program Files\AVG\AVG9\avgcsrvx.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Java\jre6\bin\jqs.exe
     C:\Program Files\AVG\AVG9\avgnsx.exe
     C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
     C:\Program Files\Common Files\Java\Java Update\jusched.exe
     C:\WINDOWS\RTHDCPL.EXE
     C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe
     C:\WINDOWS\system32\igfxtray.exe
     C:\WINDOWS\system32\hkcmd.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\igfxsrvc.exe
     C:\PROGRA~1\AVG\AVG9\avgtray.exe
     C:\Program Files\AVG\AVG9\avgemc.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
     C:\Program Files\AVG\AVG9\avgcsrvx.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Documents and Settings\Vasin\Vasin1\winhelp32.exe
     C:\Program Files\Skype\Phone\Skype.exe
     C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
     C:\Program Files\Skype\Plugin Manager\skypePM.exe
     C:\WINDOWS\system32\ntvdm.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
     R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
     O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
     O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
     O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
     O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
     O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
     O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
     O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
     O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
     O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
     O4 - HKLM\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Vasin\Vasin1\winlogon.exe
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
     O4 - HKCU\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Vasin\Vasin1\winlogon.exe
     O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
     O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
     O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.canalblog.com/sharedDocs/misc/u...geUploader5.cab
     O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
     O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
     O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
     O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
     O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
     O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
     O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
     O23 - Service: ??????????????? Google (gupdate1caa818729136a2) (gupdate1caa818729136a2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
     O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
     O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe

     --
     End of file - 8699 bytes
  3. Hi apollo. Well, as it happens, we're doing a round-the-world trip! Like a round-the-world ticket with 12 stopovers for 1804 euros, which just goes to show it's affordable! We have a blog, if you want I'll give you the link. Otherwise, I did upload the file requested at the end of the USB report. Here is the 1st report, AD-scan

     ======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======

     Updated by C_XX on 08/06/10 at 13:40
     Contact: AdRemover.contact@gmail.com
     website: http://pagesperso-orange.fr/NosTools/ad_remover.html

     C:\Program Files\Ad-Remover\ADR.exe (SCAN [1]) -> Launched at 16:49:10 on 08/06/2010, Normal boot

     Microsoft Windows XP Home Edition Service Pack 3 (X86)
     Vasin, YOUR-59C96182D8 ( )

     ============== SEARCH ==============

     0,Folder found: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
     0,File found: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
     0,Folder found: C:\Documents and Settings\Vasin\Application Data\Mozilla\FireFox\Profiles\vxxxupmj.default\extensions\toolbar@ask.com
     0,Folder found: C:\Documents and Settings\Vasin\Local Settings\Application Data\AskToolbar
     3,File found: C:\WINDOWS\Installer\e1f86f.msi

     -- File opened: C:\Documents and Settings\Vasin\Application Data\Mozilla\FireFox\Profiles\vxxxupmj.default\Prefs.js --
     Line found: user_pref("extensions.asktb.cbid", "UG");
     Line found: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://es.ask.com/web?q={query}&o={o}&l={l}&...
     Line found: user_pref("extensions.asktb.fresh-install", false);
     Line found: user_pref("extensions.asktb.l", "dis");
     Line found: user_pref("extensions.asktb.last-config-req", "1275950589640");
     Line found: user_pref("extensions.asktb.locale", "en_ES");
     Line found: user_pref("extensions.asktb.o", "15158");
     Line found: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
     Line found: user_pref("extensions.asktb.qsrc", "2871");
     Line found: user_pref("extensions.asktb.r", "3");
     Line found: user_pref("extensions.asktb.search-suggestions-enabled", true);
     Line found: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,jqs@sun.com:1.0,...
     -- File closed --

     1,Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
     1,Key found: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
     1,Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
     1,Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
     1,Key found: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
     1,Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
     1,Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
     1,Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
     1,Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
     0,Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
     0,Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
     0,Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
     1,Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
     3,Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
     3,Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
     0,Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
     0,Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
     0,Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

     ============== ADDITIONNAL SCAN ==============

     ** Mozilla Firefox Version [3.6.3 (fr)] **

     -- C:\Documents and Settings\Vasin\Application Data\Mozilla\FireFox\Profiles\vxxxupmj.default\Prefs.js --
     browser.search.defaultenginename, Bing
     browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
     browser.startup.homepage_override.mstone, rv:1.9.2.3
     keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=

     ========================================

     ** Internet Explorer Version [6.0.2900.5512] **

     [HKCU\Software\Microsoft\Internet Explorer\Main]
     Default_Page_URL: hxxp://www.nuevaq.fm
     Default_Search_URL: hxxp://www.nuevaq.fm
     Do404Search: 0x01000000
     Enable Browser Extensions: yes
     Local Page: hxxp://www.nuevaq.fm
     Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
     Search Page: hxxp://www.nuevaq.fm
     Show_ToolBar: yes
     Start Page: hxxp://www.google.fr/
     Use Search Asst: no

     [HKLM\Software\Microsoft\Internet Explorer\Main]
     Default_Page_URL: hxxp://www.nuevaq.fm
     Default_Search_URL: hxxp://www.nuevaq.fm
     Delete_Temp_Files_On_Exit: yes
     Local Page: hxxp://www.nuevaq.fm
     Search bar: hxxp://search.msn.com/spbasic.htm
     Search Page: hxxp://www.nuevaq.fm
     Start Page: hxxp://www.nuevaq.fm

     [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
     Tabs: res://ieframe.dll/tabswelcome.htm
     Blank: res://mshtml.dll/blank.htm

     ========================================

     C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
     C:\Program Files\Ad-Remover\Backup: 0 File(s)

     C:\Ad-Report-SCAN[1].txt - 3338 Byte(s)

     End at: 16:51:11, 08/06/2010

     ============== E.O.F ==============

     And here is the second one, AD-clean

     ======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======

     Updated by C_XX on 08/06/10 at 13:40
     Contact: AdRemover.contact@gmail.com
     website: http://pagesperso-orange.fr/NosTools/ad_remover.html

     C:\Program Files\Ad-Remover\ADR.exe (CLEAN [1]) -> Launched at 16:51:43 on 08/06/2010, Normal boot

     Microsoft Windows XP Home Edition Service Pack 3 (X86)
     Vasin, YOUR-59C96182D8 ( )

     ============== ACTION(S) ==============

     0,Folder deleted: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
     0,File deleted: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
     0,Folder deleted: C:\Documents and Settings\Vasin\Application Data\Mozilla\FireFox\Profiles\vxxxupmj.default\extensions\toolbar@ask.com
     0,Folder deleted: C:\Documents and Settings\Vasin\Local Settings\Application Data\AskToolbar
     3,File deleted: C:\WINDOWS\Installer\e1f86f.msi

     (!) -- Temporary files deleted.

     -- File opened: C:\Documents and Settings\Vasin\Application Data\Mozilla\FireFox\Profiles\vxxxupmj.default\Prefs.js --
     Line deleted: user_pref("extensions.asktb.cbid", "UG");
     Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://es.ask.com/web?q={query}&o={o}&l={l}&...
     Line deleted: user_pref("extensions.asktb.fresh-install", false);
     Line deleted: user_pref("extensions.asktb.l", "dis");
     Line deleted: user_pref("extensions.asktb.last-config-req", "1275950589640");
     Line deleted: user_pref("extensions.asktb.locale", "en_ES");
     Line deleted: user_pref("extensions.asktb.o", "15158");
     Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
     Line deleted: user_pref("extensions.asktb.qsrc", "2871");
     Line deleted: user_pref("extensions.asktb.r", "3");
     Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);
     Line deleted: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,jqs@sun.com:1.0,...
     -- File closed --

     1,Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
     1,Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
     1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
     1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
     1,Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
     1,Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
     1,Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
     1,Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
     1,Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
     0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
     0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
     0,Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
     1,Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
     3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
     3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
     0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
     0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
     0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

     ============== ADDITIONNAL SCAN ==============

     ** Mozilla Firefox Version [3.6.3 (fr)] **

     -- C:\Documents and Settings\Vasin\Application Data\Mozilla\FireFox\Profiles\vxxxupmj.default\Prefs.js --
     browser.search.defaultenginename, Bing
     browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
     browser.startup.homepage_override.mstone, rv:1.9.2.3
     keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=

     ========================================

     ** Internet Explorer Version [6.0.2900.5512] **

     [HKCU\Software\Microsoft\Internet Explorer\Main]
     Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
     Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
     Do404Search: 0x01000000
     Enable Browser Extensions: yes
     Local Page: hxxp://www.nuevaq.fm
     Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
     Show_ToolBar: yes
     Start Page: hxxp://fr.msn.com/
     Use Search Asst: no

     [HKLM\Software\Microsoft\Internet Explorer\Main]
     Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
     Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
     Delete_Temp_Files_On_Exit: yes
     Local Page: hxxp://www.nuevaq.fm
     Search bar: hxxp://search.msn.com/spbasic.htm
     Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
     Start Page: hxxp://fr.msn.com/

     [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
     Tabs: res://ieframe.dll/tabswelcome.htm
     Blank: res://mshtml.dll/blank.htm

     ========================================

     C:\Program Files\Ad-Remover\Quarantine: 172 File(s)
     C:\Program Files\Ad-Remover\Backup: 14 File(s)

     C:\Ad-Report-CLEAN[1].txt - 3552 Byte(s)
     C:\Ad-Report-SCAN[1].txt - 5185 Byte(s)

     End at: 16:53:46, 08/06/2010

     ============== E.O.F ==============

     Many thanks for your help!!!!!
  4. Corrections:
     - Mozilla no longer works
     - still the same hijacking of the Internet Explorer home page
     - additional problem (if it's related): the headphone output no longer works (no way to watch a film with better sound any more)
     Awaiting instructions, chief
  5. It's getting better
     - Mozilla works again!
     - Internet Explorer: it's no longer the http://www.nuevaq.fm/ page that shows up but MSN Messenger..... I've just changed the settings to Google, I'll see if it holds!
     - the USB key and the SD card show up as drives and no longer as folders, BUT still no access to the data (only the shortcuts appear)
     See you, gaele
  6. As requested, here is the report after deletion! The cleaning didn't take long, is that normal? For info, I'm in Ecuador, so there's a slight time difference (7h), but I have internet access at least tomorrow and maybe the day after! Can you give me an overview of what's left to deal with? Is it serious, doctor? Thanks for your help! NB: there was a problem with web pages today, the same page multiplied several times (x20) and I had to disconnect to stop it, weird :/

     ############################## | Usbfix 7.005 | [Deletion]

     User: Vasin (Administrator) # YOUR-59C96182D8 [ ]
     Updated 07/06/10 by El Desaparecido / C_XX
     Started at 00:28:26 | 08/06/2010
     Website: http://pagesperso-orange.fr/NosTools/index.html
     Contact: FindyKill.Contact@gmail.com

     CPU: Intel® Atom CPU N280 @ 1.66GHz
     CPU 2: Intel® Atom CPU N280 @ 1.66GHz
     Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
     Internet Explorer 6.0.2900.5512

     Windows Firewall: Enabled
     Antivirus: AVG Anti-Virus Free 9.0 [Enabled | Updated]
     RAM -> 1014 Mb
     C:\ (%systemdrive%) -> Fixed drive # 71 Gb (6 Mb free - 9%) [] # NTFS
     D:\ -> Fixed drive # 72 Gb (5 Mb free - 7%) [] # NTFS
     E:\ -> Removable drive # 2 Gb (2 Mb free - 87%) [LEXAR] # FAT
     G:\ -> Removable drive # 15 Gb (2 Mb free - 11%) [CANON_DC] # FAT32

     ################## | Files # Infected Folders |

     Deleted ! C:\HJT.exe
     Deleted ! C:\HJTInstall.exe
     Deleted ! E:\Autorun.inf
     Deleted ! G:\Autorun.inf
     Deleted ! C:\Recycler\S-1-5-21-0121096470-1566566296-871070307-1329
     Deleted ! C:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-1005
     Deleted ! C:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-500
     Deleted ! C:\Recycler\S-1-5-21-3018247551-6138366280-287762529-5387
     Deleted ! C:\Recycler\S-1-5-21-3514469747-1796199995-799477728-5720
     Deleted ! C:\Recycler\S-1-5-21-5892208600-1933437830-625065307-1890
     Deleted ! C:\Recycler\S-1-5-21-6033218734-5926139550-442308745-8501
     Deleted ! C:\Recycler\S-1-5-21-8336321481-3899348666-861094509-1162
     Deleted ! C:\Recycler\S-1-5-21-8400410257-9885886727-979400114-7157
     Deleted ! C:\Recycler\S-1-5-21-854245398-1637723038-1614895754-1003
     Deleted ! C:\Recycler\S-1-5-21-8582136427-1530743262-105926683-8578
     Deleted ! C:\Recycler\S-1-5-21-8778797331-8521498704-092174517-0436
     Deleted ! D:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-1005
     Deleted ! D:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-500
     Deleted ! G:\video GALAPAGOS.lnk

     ################## | Registry |

     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRWEB32.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FAMEH32.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSAV32.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSMA32.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\p.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjscan.exe
     Deleted ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe

     ################## | Mountpoints2 |

     Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{3384c4b8-2079-11df-842f-0024540b8f18}

     ################## | Listing |

     [20/04/2010 - 09:07:06 | HD ] C:\$AVG
     [22/05/2009 - 17:02:47 | A | 0] C:\AUTOEXEC.BAT
     [20/04/2010 - 08:20:47 | RASH | 211] C:\boot.ini
     [22/05/2009 - 17:02:47 | A | 0] C:\CONFIG.SYS
     [20/04/2010 - 08:08:48 | D ] C:\Documents and Settings
     [07/06/2010 - 23:25:27 | ASH | 1063702528] C:\hiberfil.sys
     [22/05/2009 - 17:06:57 | D ] C:\Intel
     [22/05/2009 - 17:02:47 | RASH | 0] C:\IO.SYS
     [22/05/2009 - 17:02:47 | RASH | 0] C:\MSDOS.SYS
     [14/04/2008 - 14:00:00 | RASH | 47564] C:\NTDETECT.COM
     [14/04/2008 - 14:00:00 | RASH | 250048] C:\ntldr
     [07/06/2010 - 23:25:27 | ASH | 1598029824] C:\pagefile.sys
     [08/06/2010 - 00:14:41 | RD ] C:\Program Files
     [08/06/2010 - 00:29:09 | SHD ] C:\RECYCLER
     [22/05/2009 - 17:14:19 | A | 173] C:\Setup.log
     [22/01/2010 - 21:50:20 | SHD ] C:\System Volume Information
     [08/06/2010 - 00:29:07 | D ] C:\UsbFix
     [08/06/2010 - 00:29:16 | A | 3965] C:\Usbfix.txt
     [07/06/2010 - 18:26:25 | D ] C:\WINDOWS
     [23/05/2010 - 02:46:24 | D ] D:\DVD a envoyer
     [15/05/2010 - 17:26:22 | D ] D:\DVD Envoyes
     [15/05/2010 - 16:51:21 | RD ] D:\My Pictures
     [07/06/2010 - 17:09:50 | D ] D:\photos a graver
     [08/06/2010 - 00:29:09 | SHD ] D:\RECYCLER
     [22/01/2010 - 22:05:04 | SHD ] D:\System Volume Information
     [07/06/2010 - 05:50:20 | RASHD ] E:\photos texte blog
     [07/06/2010 - 05:51:40 | RASHD ] E:\DrivesGuideInfo
     [06/06/2010 - 22:53:28 | A | 1444] E:\photos texte blog.lnk
     [07/06/2010 - 05:51:42 | A | 1444] E:\DrivesGuideInfo.lnk
     [01/01/2007 - 12:00:00 | RASHD ] G:\DCIM
     [06/06/2010 - 23:03:24 | RASHD ] G:\video GALAPAGOS
     [06/06/2010 - 23:15:46 | RASHD ] G:\Galapagos
     [06/06/2010 - 23:23:12 | RASHD ] G:\selection video Galapagos
     [06/06/2010 - 20:17:10 | RASHD ] G:\photos texte blog
     [06/06/2010 - 20:17:20 | RASHD ] G:\blog galapagos
     [07/06/2010 - 05:41:52 | RASHD ] G:\DrivesGuideInfo
     [06/06/2010 - 22:48:16 | A | 1444] G:\DCIM.lnk
     [07/06/2010 - 05:41:56 | A | 1444] G:\Galapagos.lnk
     [07/06/2010 - 05:41:56 | A | 1444] G:\selection video Galapagos.lnk
     [07/06/2010 - 05:41:56 | A | 1444] G:\photos texte blog.lnk
     [07/06/2010 - 05:41:56 | A | 1444] G:\blog galapagos.lnk
     [07/06/2010 - 05:41:56 | A | 1444] G:\DrivesGuideInfo.lnk

     ################## | Vaccin |

     C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
     D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
     E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
     G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

     ################## | Upload |

     Please send the file: C:\UsbFix_Upload_Me_YOUR-59C96182D8.zip
     http://chiquitine.changelog.fr/Sample/Upload.php
     Thank you for your contribution.

     ################## | E.O.F |
  7. HijackThis installed in C/prog files, done. Here is the new report, in case it changes anything!

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 21:09:30, on 07/06/2010
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\AVG\AVG9\avgchsvx.exe
     C:\Program Files\AVG\AVG9\avgrsx.exe
     C:\Program Files\AVG\AVG9\avgwdsvc.exe
     C:\Program Files\AVG\AVG9\avgcsrvx.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Java\jre6\bin\jqs.exe
     C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
     C:\Program Files\AVG\AVG9\avgnsx.exe
     C:\Program Files\Common Files\Java\Java Update\jusched.exe
     C:\WINDOWS\RTHDCPL.EXE
     C:\WINDOWS\system32\igfxtray.exe
     C:\WINDOWS\system32\hkcmd.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\WINDOWS\system32\igfxsrvc.exe
     C:\PROGRA~1\AVG\AVG9\avgtray.exe
     C:\Documents and Settings\Vasin\Vasin1\winlogon.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\AVG\AVG9\avgemc.exe
     C:\Program Files\AVG\AVG9\avgcsrvx.exe
     C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Documents and Settings\Vasin\Vasin1\winhelp32.exe
     C:\WINDOWS\system32\ntvdm.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\AVG\AVG9\avgcmgr.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
     R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
     O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
     O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
     O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
     O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
     O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
     O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
     O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
     O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
     O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
     O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
     O4 - HKLM\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Vasin\Vasin1\winlogon.exe
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
     O4 - HKCU\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Vasin\Vasin1\winlogon.exe
     O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
     O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
     O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.canalblog.com/sharedDocs/misc/u...geUploader5.cab
     O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
     O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
     O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
     O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
     O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
     O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
     O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
     O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
     O23 - Service: ??????????????? Google (gupdate1caa818729136a2) (gupdate1caa818729136a2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
     O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
     O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe

     --
     End of file - 8757 bytes
  8. Here is the USBfix report. So what do you think? Thanks again.

############################## | Usbfix 7.005 | [Research]

User: Vasin (Administrator) # YOUR-59C96182D8 [ ]
Updated 07/06/10 by El Desaparecido / C_XX
Started at 20:57:57 | 07/06/2010

Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel® Atom CPU N280 @ 1.66GHz
CPU 2: Intel® Atom CPU N280 @ 1.66GHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall: Enabled
Antivirus: AVG Anti-Virus Free 9.0 [Enabled | Updated]
RAM -> 1014 Mb

C:\ (%systemdrive%) -> Fixed drive # 71 Gb (6 Mb free - 9%) [] # NTFS
D:\ -> Fixed drive # 72 Gb (5 Mb free - 7%) [] # NTFS
E:\ -> Removable drive # 2 Gb (2 Mb free - 87%) [LEXAR] # FAT
G:\ -> Removable drive # 15 Gb (2 Mb free - 11%) [CANON_DC] # FAT32

################## | Files # Infected Folders |

Found ! E:\Autorun.inf
Found ! G:\Autorun.inf
Found ! C:\Recycler\S-1-5-21-0121096470-1566566296-871070307-1329
Found ! C:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-1005
Found ! C:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-500
Found ! C:\Recycler\S-1-5-21-3018247551-6138366280-287762529-5387
Found ! C:\Recycler\S-1-5-21-3514469747-1796199995-799477728-5720
Found ! C:\Recycler\S-1-5-21-5892208600-1933437830-625065307-1890
Found ! C:\Recycler\S-1-5-21-6033218734-5926139550-442308745-8501
Found ! C:\Recycler\S-1-5-21-8336321481-3899348666-861094509-1162
Found ! C:\Recycler\S-1-5-21-8400410257-9885886727-979400114-7157
Found ! C:\Recycler\S-1-5-21-854245398-1637723038-1614895754-1003
Found ! C:\Recycler\S-1-5-21-8582136427-1530743262-105926683-8578
Found ! C:\Recycler\S-1-5-21-8778797331-8521498704-092174517-0436
Found ! D:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-1005
Found ! D:\Recycler\S-1-5-21-1195284824-3522668921-3994421981-500
Found ! G:\video GALAPAGOS.lnk

################## | Registry |

Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRWEB32.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FAMEH32.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSAV32.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSMA32.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\p.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trjscan.exe
Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe
Found ! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{3384c4b8-2079-11df-842f-0024540b8f18}
Shell\AutoRun\Command = F:\DrivesGuideInfo\S-1-9-01-3739977401-4444491267-600313374-9146\svchost.exe
Shell\open\Command = F:\DrivesGuideInfo\S-1-9-01-3739977401-4444491267-600313374-9146\svchost.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d8de8787-1853-11df-842e-0024540b8f18}
Shell\AutoRun\Command = G:\DrivesGuideInfo\S-1-9-01-3739977401-4444491267-600313374-9146\svchost.exe
Shell\open\Command = G:\DrivesGuideInfo\S-1-9-01-3739977401-4444491267-600313374-9146\svchost.exe

################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |
  9. Thanks for your reply. I will follow your instructions.... I think I managed to produce a HijackThis log....... here is the report!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:41, on 07/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Vasin\Local Settings\Temporary Internet Files\Content.IE5\VUB2A9VI\HiJackThis[2].exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Vasin\Vasin1\winlogon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Vasin\Vasin1\winlogon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.canalblog.com/sharedDocs/misc/u...geUploader5.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ??????????????? Google (gupdate1caa818729136a2) (gupdate1caa818729136a2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe

-- End of file - 9033 bytes
  10. Hello, I think I have a big nasty virus hiding somewhere that is making my computer malfunction. Yet nothing is detected by AVG! It still misbehaves even after the scans. I will try to describe the symptoms as clearly as possible:

1) USB sticks and SD cards are sometimes no longer recognized by the computer
-> first, they show up as a folder and no longer as an external disk,
-> in the properties, the stick is full but only the shortcuts to the folders appear, so I no longer have access to the data
-> if I scan, no virus is detected on the stick
-> impossible to format the stick
-> impossible to eject the stick, a message tells me that a program is using it, and it is not me
2) toolbars in the browser that are impossible to remove
3) hijacking of the browser home page, ONLY with Internet Explorer; in my case it is http://www.nuevaq.fm/ that is displayed
4) today the AVG antivirus is disabled and impossible to update, the window starts to open and then closes
5) some commands no longer work,
-> Ctrl+Alt+Del to see the running programs no longer works
6) Mozilla no longer opens, even after reinstalling it
7) with Internet Explorer, some links do not work, such as the libellule.ch link for making a HijackThis log (I have no idea what that is), an error message is displayed and the window closes; sometimes an error message is displayed, "run error, stack space" or something like that
9) nothing shows up in the general system scan, strangely AVG works again, still nothing detected, but attached here is what is in my recycle bin

"Infection";"Trojan horse Dropper.Generic2.AEO";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP26\A0007203.exe";"";"20/05/2010, 08:29:24"
"Infection";"Trojan horse Generic17.ATXW";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP26\A0007204.exe";"";"20/05/2010, 14:36:13"
"Infection";"Trojan horse Generic17.BLNE";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP26\A0007205.exe";"";"20/05/2010, 15:51:54"
"Infection";"Trojan horse Generic17.BCYR";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP28\A0007420.exe";"";"20/05/2010, 20:45:53"
"Warning";"Found Tracking cookie.247realmedia";"C:\Documents and Settings\Vasin\Application Data\Mozilla\Firefox\Profiles\vxxxupmj.default\cookies.sqlite";"";"21/05/2010, 08:23:11"
"Warning";"Found Tracking cookie.2o7";"C:\Documents and Settings\Vasin\Cookies\vasin@2o7[1].txt";"";"21/05/2010, 08:23:38"
"Warning";"Found Tracking cookie.Atdmt";"C:\Documents and Settings\Vasin\Cookies\vasin@atdmt[1].txt";"";"21/05/2010, 08:23:39"
"Warning";"Found Tracking cookie.Bluestreak";"C:\Documents and Settings\Vasin\Cookies\vasin@bluestreak[2].txt";"";"21/05/2010, 08:23:39"
"Warning";"Found Tracking cookie.Serving-sys";"C:\Documents and Settings\Vasin\Cookies\vasin@bs.serving-sys[2].txt";"";"21/05/2010, 08:23:39"
"Warning";"Found Tracking cookie.Estat";"C:\Documents and Settings\Vasin\Cookies\vasin@estat[1].txt";"";"21/05/2010, 08:23:39"
"Warning";"Found Tracking cookie.Mediaplex";"C:\Documents and Settings\Vasin\Cookies\vasin@mediaplex[2].txt";"";"21/05/2010, 08:23:40"
"Warning";"Found Tracking cookie.2o7";"C:\Documents and Settings\Vasin\Cookies\vasin@msnportal.112.2o7[1].txt";"";"21/05/2010, 08:23:40"
"Warning";"Found Tracking cookie.Serving-sys";"C:\Documents and Settings\Vasin\Cookies\vasin@serving-sys[1].txt";"";"21/05/2010, 08:23:41"
"Warning";"Found Tracking cookie.Smartadserver";"C:\Documents and Settings\Vasin\Cookies\vasin@smartadserver[2].txt";"";"21/05/2010, 08:23:41"
"Warning";"Found Tracking cookie.Webtrendslive";"C:\Documents and Settings\Vasin\Cookies\vasin@statse.webtrendslive[2].txt";"";"21/05/2010, 08:23:41"
"Warning";"Found Tracking cookie.Tradedoubler";"C:\Documents and Settings\Vasin\Cookies\vasin@tradedoubler[2].txt";"";"21/05/2010, 08:23:42"
"Warning";"Found Tracking cookie.Tribalfusion";"C:\Documents and Settings\Vasin\Cookies\vasin@tribalfusion[1].txt";"";"21/05/2010, 08:23:42"
"Warning";"Found Tracking cookie.Weborama";"C:\Documents and Settings\Vasin\Cookies\vasin@weborama[1].txt";"";"21/05/2010, 08:23:42"
"Infection";"Virus found Script/Exploit";"C:\Documents and Settings\Vasin\Local Settings\Temporary Internet Files\Content.IE5\KHAJC9YZ\shellcode_E[1].js";"";"22/05/2010, 01:06:28"
"Infection";"Virus found Script/Exploit";"C:\Documents and Settings\Vasin\Local Settings\Temporary Internet Files\Content.IE5\4LMFGXAJ\shellcode_E[1].js";"";"22/05/2010, 15:44:08"
"Infection";"Virus found Script/Exploit";"C:\Documents and Settings\Vasin\Local Settings\Temporary Internet Files\Content.IE5\8XWDY34D\shellcode_E[1].js";"";"22/05/2010, 15:46:10"
"Infection";"Virus found Script/Exploit";"C:\Documents and Settings\Vasin\Local Settings\Temporary Internet Files\Content.IE5\KHAJC9YZ\shellcode_E[1].js";"";"22/05/2010, 23:19:45"
"Warning";"Found Tracking cookie.Estat";"C:\Documents and Settings\Vasin\Application Data\Mozilla\Firefox\Profiles\vxxxupmj.default\cookies.sqlite";"";"23/05/2010, 03:42:04"
"Warning";"Found Tracking cookie.Atdmt";"C:\Documents and Settings\Vasin\Cookies\vasin@atdmt[1].txt";"";"23/05/2010, 03:42:34"
"Warning";"Found Tracking cookie.Serving-sys";"C:\Documents and Settings\Vasin\Cookies\vasin@bs.serving-sys[2].txt";"";"23/05/2010, 03:42:35"
"Warning";"Found Tracking cookie.Mediaplex";"C:\Documents and Settings\Vasin\Cookies\vasin@mediaplex[2].txt";"";"23/05/2010, 03:42:35"
"Warning";"Found Tracking cookie.Serving-sys";"C:\Documents and Settings\Vasin\Cookies\vasin@serving-sys[2].txt";"";"23/05/2010, 03:42:35"
"Warning";"Found Tracking cookie.Tradedoubler";"C:\Documents and Settings\Vasin\Cookies\vasin@tradedoubler[1].txt";"";"23/05/2010, 03:42:36"
"Warning";"Found Tracking cookie.Weborama";"C:\Documents and Settings\Vasin\Cookies\vasin@weborama[1].txt";"";"23/05/2010, 03:42:36"
"Infection";"Trojan horse Generic17.KXE";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP15\A0003218.exe";"";"05/06/2010, 23:15:21"
"Infection";"Trojan horse Generic17.BCYR";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP28\A0007422.exe";"";"05/06/2010, 23:16:07"
"Infection";"Trojan horse VB.ZQG";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP28\A0007423.exe";"";"05/06/2010, 23:16:08"
"Infection";"Trojan horse VB.ZQG";"C:\System Volume Information\_restore{0E37331C-8A30-4B9B-A67F-A89B1846A56F}\RP28\A0007421.exe";"";"05/06/2010, 23:16:08"
"Infection";"Virus identified Worm/Generic.BIEF";"e:\DrivesGuideInfo\S-1-7-21-1439977401-7444491467-600013330-9141\svchost.exe";"";"06/06/2010, 22:25:59"
"Infection";"Virus identified Worm/AutoRun.IX";"E:\PRIDJI\preslaba.exe";"";"06/06/2010, 22:27:14"
"Infection";"Virus identified Win32/Cryptor";"E:\NOCHIMA\tonijeto.exe";"";"06/06/2010, 22:27:15"
"Infection";"Virus identified Win32/Cryptor";"E:\SEKACHK\spinter.exe";"";"06/06/2010, 22:27:15"
"Infection";"Virus identified Worm/Generic.BIEF";"E:\DrivesGuideInfo\svchost.exe";"";"06/06/2010, 22:27:15"

Finally, I was told about COMBOFIX, but I need help from a tutor..... For info, I have 2 partitions (but not Linux) and I have backed up all my photos! Please tell me what steps to follow.

gaele