Rollez

Apollo, J'ai posté un message sur le site ci-dessus référencé et j'ai procédé au nettoyage comme demandé. Pour ce qui est de la désinstallation du pilote pour mon clavier, j'ai bien tenté, mais sans succès... En cherchant sur le net, beaucoup de monde est resté sans réponse également. On fera sans. En tout cas, je souhaite vous remercier énormément pour votre support très efficace et pour le temps que vous m'avez consacré. Je n'hésiterai nullement à faire part de cette expérience à mes proches et à faire la pub de votre site que je viens seulement découvrir. Cordialement.

Voici les rapports demandés : -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Saturday, July 24, 2010 Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Saturday, July 24, 2010 11:37:36 Records in database: 4223904 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - My Computer: A:\ C:\ D:\ E:\ Scan statistics: Objects scanned: 74884 Threats found: 1 Infected objects found: 2 Suspicious objects found: 0 Scan duration: 02:04:44 File name / Threat / Threats count C:\Documents and Settings\Papa\Bureau\ComboFix.exe Infected: Trojan-Clicker.Win32.Wistler.a 1 C:\Qoobox\Quarantine\gMBR_sector0.dat Infected: Trojan-Clicker.Win32.Wistler.a 1 Selected area has been scanned. ===================================================================================================================== Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4343 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 24/07/2010 15:12:37 mbam-log-2010-07-24 (15-12-37).txt Type d'examen: Examen complet (C:\|D:\|H:\|) Elément(s) analysé(s): 237705 Temps écoulé: 57 minute(s), 46 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Voilà c'est fait. MBAM a mis 1 heure pour vérifier tout :-/ Rapport Log.txt : Logfile of random's system information tool 1.08 (written by random/random) Run by Papa at 2010-07-24 14:25:10 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 15 GB (44%) free of 35 GB Total RAM: 2038 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:26:03, on 24/07/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Symantec\SPA\smc.exe C:\Program Files\Symantec\SPA\snac.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\McAfee\Common Framework\FrameworkService.exe C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Symantec\SPA\SmcGui.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\Papa\Bureau\RSIT.exe C:\Program Files\trend micro\Papa.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Symantec Protection Agent 5.1 (SmcService) - Symantec Corporation - C:\Program Files\Symantec\SPA\smc.exe O23 - Service: Symantec NAC Service (SNAC) - Symantec Corporation - C:\Program Files\Symantec\SPA\snac.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe -- End of file - 5306 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-08 58688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17 136768] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-01-23 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-01-23 126976] "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-08 111952] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamserviceHD] C:\Program Files\Hercules\Hercules DualPix HD Webcam\Camservice.exe [2008-02-06 79144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-28 1468296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Program Files\uTorrent\uTorrent.exe [2010-07-14 322352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel du Petit Larousse 2010.lnk] C:\PROGRA~1\Larousse\PETITL~1\bin\HYPERA~1.EXE [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2005-01-23 348160] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer" "C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Disabled:Windows Live Call" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 3 months====== 2010-07-24 14:25:10 ----D---- C:\rsit 2010-07-24 13:40:52 ----SHD---- C:\Config.Msi 2010-07-24 12:35:20 ----SHD---- C:\RECYCLER 2010-07-24 11:45:53 ----A---- C:\ComboFix.txt 2010-07-24 11:34:26 ----A---- C:\Boot.bak 2010-07-24 11:34:18 ----RASHD---- C:\cmdcons 2010-07-23 12:16:34 ----A---- C:\WINDOWS\zip.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\SWSC.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\SWREG.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\sed.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\PEV.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\NIRCMD.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\MBR.exe 2010-07-23 12:16:34 ----A---- C:\WINDOWS\grep.exe 2010-07-23 12:16:26 ----D---- C:\WINDOWS\ERDNT 2010-07-23 12:15:10 ----D---- C:\Qoobox 2010-07-23 11:59:59 ----D---- C:\WINDOWS\WBEM 2010-07-23 11:59:44 ----N---- C:\WINDOWS\system32\spmsg.dll 2010-07-23 11:59:44 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2010-07-23 11:58:59 ----HDC---- C:\WINDOWS\ie8 2010-07-23 11:58:59 ----D---- C:\WINDOWS\system32\en-US 2010-07-23 11:35:37 ----N---- C:\WINDOWS\SchedLgU.Txt 2010-07-18 13:08:06 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2010-07-18 10:24:09 ----D---- C:\Program Files\trend micro 2010-07-17 20:57:52 ----A---- C:\WINDOWS\system32\drivers\fsbts.sys 2010-07-17 17:51:07 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-07-17 17:51:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-17 17:16:41 ----D---- C:\Program Files\Fichiers communs\Java 2010-07-17 17:16:26 ----A---- C:\WINDOWS\system32\javaws.exe 2010-07-17 17:16:25 ----A---- C:\WINDOWS\system32\javaw.exe 2010-07-17 17:16:25 ----A---- C:\WINDOWS\system32\java.exe 2010-07-15 18:59:51 ----D---- C:\Documents and Settings\Papa\Application Data\QuickScan 2010-07-15 16:28:59 ----A---- C:\WINDOWS\msnfix.txt 2010-07-15 13:59:49 ----D---- C:\Program Files\HomePlayer 2010-07-13 19:03:09 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2010-07-13 11:44:23 ----D---- C:\Documents and Settings\All Users\Application Data\F-Secure 2010-07-13 11:26:06 ----D---- C:\Documents and Settings\All Users\Application Data\Sun 2010-07-13 11:25:26 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-06-15 21:14:33 ----A---- C:\WINDOWS\system32\drivers\mfebopk.sys 2010-06-15 21:14:33 ----A---- C:\WINDOWS\system32\drivers\mfeavfk.sys 2010-06-15 21:14:33 ----A---- C:\WINDOWS\system32\drivers\mfeapfk.sys 2010-06-15 21:14:32 ----A---- C:\WINDOWS\system32\drivers\mfetdik.sys 2010-06-15 21:14:32 ----A---- C:\WINDOWS\system32\drivers\mfehidk.sys 2010-06-15 21:14:28 ----D---- C:\Program Files\common files 2010-06-15 21:14:16 ----D---- C:\Program Files\Fichiers communs\McAfee 2010-05-09 17:03:22 ----D---- C:\Documents and Settings\All Users\Application Data\DivX 2010-05-04 23:59:24 ----D---- C:\WINDOWS\Minidump ======List of files/folders modified in the last 3 months====== 2010-07-24 14:25:00 ----D---- C:\WINDOWS\Prefetch 2010-07-24 14:21:11 ----D---- C:\WINDOWS 2010-07-24 14:20:17 ----D---- C:\WINDOWS\Temp 2010-07-24 14:18:54 ----RD---- C:\Program Files 2010-07-24 14:12:29 ----SD---- C:\Documents and Settings\Papa\Application Data\Microsoft 2010-07-24 14:00:37 ----D---- C:\Documents and Settings\Papa\Application Data\uTorrent 2010-07-24 13:40:51 ----SHD---- C:\WINDOWS\Installer 2010-07-24 13:40:43 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2010-07-24 13:40:38 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-07-24 13:40:38 ----D---- C:\WINDOWS\system32\drivers 2010-07-24 13:40:36 ----D---- C:\WINDOWS\system32 2010-07-24 13:39:30 ----SD---- C:\WINDOWS\Tasks 2010-07-24 13:35:28 ----HD---- C:\WINDOWS\inf 2010-07-24 13:35:27 ----D---- C:\WINDOWS\system32\CatRoot2 2010-07-24 13:32:39 ----ASH---- C:\boot.ini 2010-07-24 11:42:43 ----A---- C:\WINDOWS\system.ini 2010-07-24 11:38:20 ----D---- C:\WINDOWS\AppPatch 2010-07-24 11:38:17 ----D---- C:\Program Files\Fichiers communs 2010-07-23 12:16:33 ----SHD---- C:\System Volume Information 2010-07-23 12:16:33 ----D---- C:\WINDOWS\system32\Restore 2010-07-23 12:01:36 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-07-23 12:01:36 ----D---- C:\WINDOWS\Help 2010-07-23 12:01:36 ----D---- C:\Program Files\Internet Explorer 2010-07-23 12:00:10 ----D---- C:\WINDOWS\system32\config 2010-07-23 11:59:53 ----D---- C:\WINDOWS\Media 2010-07-21 22:01:55 ----D---- C:\Program Files\Mozilla Firefox 2010-07-20 21:34:34 ----A---- C:\WINDOWS\NeroDigital.ini 2010-07-20 20:03:36 ----D---- C:\Documents and Settings\Papa\Application Data\vlc 2010-07-19 12:07:15 ----A---- C:\WINDOWS\win.ini 2010-07-18 12:08:13 ----D---- C:\Program Files\CCleaner 2010-07-17 18:21:27 ----D---- C:\WINDOWS\system32\drivers\etc 2010-07-17 17:16:17 ----D---- C:\Program Files\Java 2010-07-15 16:33:59 ----D---- C:\QUARANTINE 2010-07-15 14:48:10 ----D---- C:\Documents and Settings\Papa\Application Data\dvdcss 2010-07-14 14:11:52 ----D---- C:\Program Files\uTorrent 2010-07-13 19:52:56 ----D---- C:\Program Files\WinRAR 2010-07-13 19:03:23 ----D---- C:\WINDOWS\SoftwareDistribution 2010-06-18 23:10:37 ----D---- C:\Program Files\Messenger Plus! Live 2010-06-16 22:37:34 ----D---- C:\Program Files\Freeplayer 2010-06-16 01:19:50 ----D---- C:\Program Files\Fichiers communs\DivX Shared 2010-06-16 01:19:50 ----D---- C:\Program Files\DivX 2010-06-15 21:14:29 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee 2010-06-15 21:14:16 ----D---- C:\Program Files\McAfee 2010-05-09 15:20:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-05-05 23:01:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\vxblock.dll 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxwave.dll 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxsfs.dll 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxmas.dll 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxinsi64.exe 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxinsa64.exe 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxdrv.dll 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxcpyi64.exe 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxcpya64.exe 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\pxafs.dll 2010-04-27 20:40:40 ----N---- C:\WINDOWS\system32\px.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2010-07-17 41256] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648] R0 SysPlant;SysPlant for NT; C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys [2008-10-31 94032] R0 Teefer;Teefer for NT; C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys [2008-10-31 104912] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys [] R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\mfetdik.sys [2009-06-08 52168] R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632] R1 wpsdrvnt;wpsdrvnt; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys [] R2 wg3n;SyGate for NT, wg3n; C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2008-10-31 15184] R2 wg4n;SyGate for NT, wg4n; C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys [2008-10-31 15184] R2 wg5n;SyGate for NT, wg5n; C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys [2008-10-31 15184] R2 wg6n;SyGate for NT, wg6n; C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys [2008-10-31 15184] R2 WGX;Extend WG Protocol Driver; C:\WINDOWS\SYSTEM32\Drivers\WGX.sys [2008-10-31 41232] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-01-23 804317] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2009-06-08 65000] R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-06-08 73512] R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-06-08 34408] R3 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2009-06-08 177864] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-05-28 27792] R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-22 260224] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 APL531;Hercules Dualpix HD Webcam; C:\WINDOWS\System32\Drivers\HDvidv.sys [2007-07-13 285952] S3 atidgllk;atidgllk; \??\C:\dell\drivers\R105090\atidgllk.sys [] S3 camfilt2;camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2008-02-01 103720] S3 catchme;catchme; \??\C:\DOCUME~1\Papa\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [] S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys [] S3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits); C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2007-08-27 31128] S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter; \??\C:\Documents and Settings\Papa\Local Settings\Temp\{97579417-DE09-4743-B59B-611E72D87A72}\fsgk.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 Pcmcvc;Pcmcvc; C:\WINDOWS\system32\drivers\Pcmcvc.sys [] S4 SysGuard;SysGuard; C:\WINDOWS\System32\Drivers\Sysguard.sys [2008-10-31 42496] S4 vsdatant;vsdatant; C:\WINDOWS\system32\drivers\vsdatant.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-22 153376] R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-11-17 104000] R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-06-08 144704] R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-08 54608] R2 SmcService;Symantec Protection Agent 5.1; C:\Program Files\Symantec\SPA\smc.exe [2008-10-31 1962832] R2 SNAC;Symantec NAC Service; C:\Program Files\Symantec\SPA\snac.exe [2008-10-31 222544] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-11-04 68096] S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-24 654848] -----------------EOF----------------- Rapport info.txt : info.txt logfile of random's system information tool 1.08 2010-07-24 14:26:07 ======Uninstall list====== -->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL AC3Filter 1.62b-->"C:\Program Files\AC3Filter\unins000.exe" Adobe Acrobat 8.1.3 Professional-->msiexec /I {AC76BA86-1033-F400-7760-000000000003} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" adsl TV-->C:\Program Files\adslTV\Uninstal.exe AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe" Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} AVIConverter 5.1.6-->C:\Program Files\AVIConverter\uninst.exe Broadcom Advanced Control Suite 2-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2E086814-7392-4E0F-ADB8-54A81E47406C} /l1036 Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{7E369B27-13E2-41A5-9879-358EE1C8B5AD} Caricature Studio Green 3.6-->MsiExec.exe /I{AC5019DA-5DC2-44E6-808A-1A68F3CCA79D} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CDex extraction audio-->"C:\Program Files\CDex_150\uninstall.exe" Configuration DivX-->C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76} Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe" DivX Converter-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER DivX Plus DirectShow Filters-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS Dofus 1.28.0-->C:\Program Files\Dofus\uninstall.exe DriverAgent by eSupport.com-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Hattrick Organizer (remove only)-->C:\HattrickOrganizer\Uninstall.exe Hercules DualPix HD Webcam-->C:\Program Files\InstallShield Installation Information\{F0CFDC72-63D2-4086-A54F-1514494394A0}\setup.exe -runfromtemp -l0x040c -removeonly HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A} HomePlayer 1.5.9b-->C:\Program Files\HomePlayer\uninst.exe Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582 IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe Java DB 10.3.1.4-->MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02} Java 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF} Java SE Development Kit 6 Update 10-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160100} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" McAfee VirusScan Enterprise-->MsiExec.exe /I{35C03C04-3F1F-42C2-A989-A757EE691F65} MediaCoder 0.7.3.4612-->C:\Program Files\MediaCoder\uninst.exe Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mozilla Firefox (3.6.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mpeg Layer3 Codec FHG-Radium v1.263-->C:\WINDOWS\UNWISE.EXE C:\audio\L3CODE~1\INSTALL.LOG MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SopCast 2.0.4-->C:\Program Files\SopCast\uninst.exe SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x40c -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Symantec Protection Agent 5.1-->MsiExec.exe /X{DFCC8B8F-8583-43CA-AA33-ECBC20EA1F35} VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421} VDownloader 0.82-->"C:\Program Files\VDOWNLOADER\unins000.exe" Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 1.0.5-->C:\Program Files\adslTV\uninstall.exe Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe" ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: McAfee VirusScan Enterprise FW: Symantec Protection Agent 5.1 ======System event log====== Computer Name: CHTIPC Event Code: 9 Message: Broadcom NetXtreme 57xx Gigabit Controller: Network controller configured for 100Mb full-duplex link. Record Number: 5 Source Name: b57w2k Time Written: 20100720115024.000000+120 Event Type: Informations User: Computer Name: CHTIPC Event Code: 15 Message: Broadcom NetXtreme 57xx Gigabit Controller: Driver initialized successfully. Record Number: 4 Source Name: b57w2k Time Written: 20100720115024.000000+120 Event Type: Informations User: Computer Name: CHTIPC Event Code: 1001 Message: L'ordinateur a redémarré après une vérification d'erreur. La vérification d'erreur était : 0x000000f4 (0x00000003, 0x8a024880, 0x8a0249f4, 0x805c8bfc). Un vidage a été enregistré dans : C:\WINDOWS\Minidump\Mini072010-02.dmp. Record Number: 3 Source Name: Save Dump Time Written: 20100720115008.000000+120 Event Type: Informations User: Computer Name: CHTIPC Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20100720115001.000000+120 Event Type: Informations User: Computer Name: CHTIPC Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Uniprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20100720115001.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: CHTIPC Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 1274 Source Name: SecurityCenter Time Written: 20100618220626.000000+120 Event Type: Informations User: Computer Name: CHTIPC Event Code: 1002 Message: L'environnement s'est arrêté de façon inattendue et Explorer.exe a redémarré. Record Number: 1273 Source Name: Winlogon Time Written: 20100617231524.000000+120 Event Type: Informations User: Computer Name: CHTIPC Event Code: 4097 Message: L'application, C:\WINDOWS\explorer.exe, a généré une erreur d'application L'erreur s'est produite le 06/17/2010 à 23:15:21.953 L'exception générée était c0000005 à l'adresse 04E89290 (<nosymbols>) Record Number: 1272 Source Name: DrWatson Time Written: 20100617231522.000000+120 Event Type: Informations User: Computer Name: CHTIPC Event Code: 1000 Message: Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x04e89290. Record Number: 1271 Source Name: Application Error Time Written: 20100617231412.000000+120 Event Type: erreur User: Computer Name: CHTIPC Event Code: 1002 Message: L'environnement s'est arrêté de façon inattendue et Explorer.exe a redémarré. Record Number: 1270 Source Name: Winlogon Time Written: 20100617212902.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Fichiers communs\DivX Shared "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel "PROCESSOR_REVISION"=0401 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "DEFLOGDIR"=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection "VSEDEFLOGDIR"=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection -----------------EOF----------------- Raport MBAM : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4343 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 24/07/2010 15:12:37 mbam-log-2010-07-24 (15-12-37).txt Type d'examen: Examen complet (C:\|D:\|H:\|) Elément(s) analysé(s): 237705 Temps écoulé: 57 minute(s), 46 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Je confirme que le son n'a plus été modifié depuis et que pour l'instant pas une PUB n'est apparue et IE ne s'est plus lancé sournoisement en mode caché...A priori, l'éradition de la bébette a bien eu lieu. Cependant, mes boutons multimédia du mon clavie Dell SK-8135, contrôlant notamment le volume, ect ne fonctionne plus Afin de ne pas mourrir idiot, pourrais je savoir ce que c'était ?

Fait. Lors du reboot, contrairement à avant, je voyais l'option avec la console de récupération apparaitre (2 sec) mais là, plus du tout.. Et pourtant je suis bien à 8 sec conformément à la procédure ci-dessus. A priori, le niveau du son n'est plus à zéro par défaut dès l'ouverture du système et d'après mon pare-feu, IE ne s'est pas lancé tout seul en caché. Pour les pubs, rien pour le moment mais comme cela reste aléatoire, je ne sais pas si ce problème est réglé ou pas pour le moment. Dois-je comprendre que cela a réussi ? Quelle est la suite ?

Fait. Seul Hic, il ne m'a pas demandé de redémarrer mon PC. Dois je le faire manuellement ?

Voici :

Bonjour, Opération effectuée. Voici le rapport : ComboFix 10-07-23.02 - Papa 24/07/2010 11:35:44.2.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2038.1347 [GMT 2:00] Lancé depuis: c:\documents and settings\Papa\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Papa\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} FW: Symantec Protection Agent 5.1 *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . ((((((((((((((((((((((((((((( Fichiers créés du 2010-06-24 au 2010-07-24 )))))))))))))))))))))))))))))))))))) . 2010-07-23 15:29 . 2010-07-23 15:29 -------- d-sh--w- c:\documents and settings\Tilou\IETldCache 2010-07-23 13:07 . 2010-07-23 13:07 -------- d-sh--w- c:\documents and settings\Juju\IETldCache 2010-07-23 10:04 . 2010-07-23 10:04 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE 2010-07-23 10:03 . 2010-07-23 10:03 -------- d-sh--w- c:\documents and settings\Papa\IETldCache 2010-07-23 10:02 . 2010-07-23 10:02 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-07-23 09:59 . 2009-01-07 16:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2010-07-23 09:58 . 2010-07-23 09:59 -------- dc-h--w- c:\windows\ie8 2010-07-23 05:08 . 2010-07-12 08:55 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-07-20 09:36 . 2010-07-20 09:37 -------- d-----w- C:\rsit 2010-07-20 09:04 . 2010-07-23 11:19 -------- d-----w- c:\program files\Ad-Remover 2010-07-20 08:38 . 2010-07-20 08:43 -------- d-----w- c:\program files\ZHPFix 2010-07-20 08:31 . 2010-07-20 08:55 -------- d-----w- c:\program files\ZHPDiag 2010-07-18 18:26 . 2010-07-18 18:26 -------- d-----w- c:\documents and settings\NetworkService\Bureau 2010-07-18 11:31 . 2010-07-12 08:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-07-18 11:08 . 2010-07-18 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2010-07-18 11:06 . 2010-07-18 11:06 -------- d-----w- c:\documents and settings\Papa\Local Settings\Application Data\Sunbelt Software 2010-07-18 11:05 . 2010-07-18 11:05 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E} 2010-07-18 11:05 . 2010-07-12 08:56 2979280 -c--a-w- c:\documents and settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}\Ad-AwareInstall.exe 2010-07-18 11:04 . 2010-07-18 11:04 -------- d-----w- c:\program files\Lavasoft 2010-07-18 08:24 . 2010-07-20 09:51 -------- d-----w- c:\program files\trend micro 2010-07-18 08:23 . 2010-07-18 08:23 388096 ----a-r- c:\documents and settings\Papa\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-07-17 18:57 . 2010-07-17 18:57 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys 2010-07-17 15:51 . 2010-07-23 09:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-17 15:51 . 2010-07-17 15:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-07-17 15:16 . 2010-07-17 15:16 -------- d-----w- c:\program files\Fichiers communs\Java 2010-07-15 16:59 . 2010-07-15 17:02 -------- d-----w- c:\documents and settings\Papa\Application Data\QuickScan 2010-07-15 16:59 . 2010-05-31 14:34 702120 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll 2010-07-15 16:59 . 2010-05-31 14:34 868456 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll 2010-07-15 11:59 . 2010-07-15 12:00 -------- d-----w- c:\program files\HomePlayer 2010-07-13 17:11 . 2010-07-13 17:11 61440 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-489f32aa-n\decora-sse.dll 2010-07-13 17:11 . 2010-07-13 17:11 12800 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-489f32aa-n\decora-d3d.dll 2010-07-13 17:11 . 2010-07-13 17:11 503808 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\msvcp71.dll 2010-07-13 17:11 . 2010-07-13 17:11 499712 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\jmc.dll 2010-07-13 17:11 . 2010-07-13 17:11 348160 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\msvcr71.dll 2010-07-13 09:44 . 2010-07-13 09:44 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2010-07-13 09:25 . 2010-07-13 09:25 503808 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\msvcp71.dll 2010-07-13 09:25 . 2010-07-13 09:25 499712 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\jmc.dll 2010-07-13 09:25 . 2010-07-13 09:25 348160 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\msvcr71.dll 2010-07-13 09:25 . 2010-07-13 09:25 61440 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5653cfa5-n\decora-sse.dll 2010-07-13 09:25 . 2010-07-13 09:25 12800 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5653cfa5-n\decora-d3d.dll 2010-07-13 09:25 . 2010-06-22 02:36 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-13 00:19 . 2010-07-13 00:19 -------- d-----r- c:\documents and settings\NetworkService\Favoris 2010-07-11 09:02 . 2010-07-23 10:03 -------- d-----r- c:\documents and settings\LocalService\Favoris . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-20 18:03 . 2010-03-03 23:19 -------- d-----w- c:\documents and settings\Papa\Application Data\vlc 2010-07-20 12:59 . 2009-08-24 12:38 -------- d-----w- c:\documents and settings\Papa\Application Data\uTorrent 2010-07-18 11:30 . 2009-10-31 03:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-07-18 11:04 . 2009-10-23 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-07-18 10:08 . 2010-04-23 15:46 -------- d-----w- c:\program files\CCleaner 2010-07-17 15:16 . 2009-08-23 23:43 -------- d-----w- c:\program files\Java 2010-07-16 12:16 . 2010-01-10 14:48 -------- d-----w- c:\documents and settings\Juju\Application Data\vlc 2010-07-15 12:48 . 2009-11-27 23:35 -------- d-----w- c:\documents and settings\Papa\Application Data\dvdcss 2010-07-14 12:11 . 2009-08-24 12:39 -------- d-----w- c:\program files\uTorrent 2010-07-06 20:26 . 2010-03-04 14:36 -------- d-----w- c:\documents and settings\Tilou\Application Data\vlc 2010-06-18 21:10 . 2009-08-24 14:59 -------- d-----w- c:\program files\Messenger Plus! Live 2010-06-16 20:37 . 2009-09-06 10:11 -------- d-----w- c:\program files\Freeplayer 2010-06-15 23:20 . 2010-05-14 18:15 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-06-15 23:20 . 2010-05-09 15:03 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX 2010-06-15 23:19 . 2010-06-15 23:19 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe 2010-06-15 23:19 . 2009-08-23 23:56 -------- d-----w- c:\program files\Fichiers communs\DivX Shared 2010-06-15 23:19 . 2009-08-23 23:56 -------- d-----w- c:\program files\DivX 2010-06-15 23:19 . 2010-06-15 23:19 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 84062 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe 2010-06-15 23:16 . 2010-05-14 18:15 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll 2010-06-15 23:16 . 2010-05-14 18:15 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe 2010-06-15 19:14 . 2009-08-23 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2010-06-15 19:14 . 2010-06-15 19:14 -------- d-----w- c:\program files\common files 2010-06-15 19:14 . 2010-06-15 19:14 -------- d-----w- c:\program files\Fichiers communs\McAfee 2010-06-15 19:14 . 2009-08-23 23:48 -------- d-----w- c:\program files\McAfee 2010-06-03 08:05 . 2010-06-18 23:27 343552 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll 2010-05-14 18:15 . 2010-05-14 18:15 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe 2010-05-14 18:14 . 2010-05-14 18:14 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe 2010-05-09 13:20 . 2008-04-14 12:00 72126 ----a-w- c:\windows\system32\perfc00C.dat 2010-05-09 13:20 . 2008-04-14 12:00 460986 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-29 13:39 . 2009-10-24 10:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-29 13:39 . 2009-10-24 10:25 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-27 18:40 . 2009-08-23 23:56 126448 ------w- c:\windows\system32\pxinsi64.exe 2010-04-27 18:40 . 2009-08-23 23:56 123888 ------w- c:\windows\system32\pxcpyi64.exe 2010-04-27 18:40 . 2009-08-23 23:39 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys 2010-04-27 18:40 . 2009-08-23 23:39 133616 ------w- c:\windows\system32\pxafs.dll . ((((((((((((((((((((((((((((( SnapShot@2010-07-23_10.23.39 ))))))))))))))))))))))))))))))))))))))))) . + 2010-07-24 09:05 . 2010-07-24 09:05 16384 c:\windows\Temp\Perflib_Perfdata_740.dat + 2009-08-23 23:03 . 2010-07-24 09:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2009-08-23 23:03 . 2010-07-23 10:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2009-08-23 23:03 . 2010-07-24 09:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2009-08-23 23:03 . 2010-07-23 10:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2009-08-23 23:03 . 2010-07-24 09:33 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2009-08-23 23:03 . 2010-07-23 10:17 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-01-23 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-01-23 126976] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-06-08 111952] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel du Petit Larousse 2010.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Hyperappel du Petit Larousse 2010.lnk backup=c:\windows\pss\Hyperappel du Petit Larousse 2010.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2008-10-14 19:38 623992 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamserviceHD] 2008-02-06 13:21 79144 ----a-w- c:\program files\Hercules\Hercules DualPix HD Webcam\CamService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2009-05-28 16:43 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] 2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2004-10-14 12:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2010-07-14 01:16 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\HomePlayer\\HomePlayer.exe"= "c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [17/07/2010 20:57 41256] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18/07/2010 13:31 64288] R3 APL531;Hercules Dualpix HD Webcam;c:\windows\system32\drivers\HDvidv.sys [31/01/2010 20:07 285952] R3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys [31/01/2010 20:07 103720] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/07/2010 10:55 1352832] S3 atidgllk;atidgllk;c:\dell\drivers\R105090\atidgllk.sys [24/08/2009 02:34 5120] S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [21/02/2010 18:56 23456] S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\documents and settings\Papa\Local Settings\Temp\{97579417-DE09-4743-B59B-611E72D87A72}\fsgk.sys --> c:\documents and settings\Papa\Local Settings\Temp\{97579417-DE09-4743-B59B-611E72D87A72}\fsgk.sys [?] S3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits);c:\windows\system32\drivers\fbxusb32.sys [20/10/2004 14:23 31128] S4 Pcmcvc;Pcmcvc; [x] S4 SysGuard;SysGuard;c:\windows\system32\drivers\Sysguard.sys [24/08/2009 01:50 42496] . Contenu du dossier 'Tâches planifiées' 2010-07-24 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-07-12 08:55] . . ------- Examen supplémentaire ------- . FF - ProfilePath - c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\ FF - prefs.js: browser.startup.homepage - www.google.fr FF - component: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll FF - plugin: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-24 11:42 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vsdatant] "ImagePath"="" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,6b,47,75,66,68,fa,46,a4,06,48,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,6b,47,75,66,68,fa,46,a4,06,48,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3732) c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\eappprxy.dll c:\program files\Symantec\SPA\SnacNp.dll . Heure de fin: 2010-07-24 11:45:50 ComboFix-quarantined-files.txt 2010-07-24 09:45 ComboFix2.txt 2010-07-23 10:25 Avant-CF: 15 634 644 992 octets libres Après-CF: 15 773 663 232 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - DD223358F7867F918F1025046B6A4923

ok... Juste une chose, avant de procéder à cela pour être sûr. Vous me demandez d'installer la console de récupération pour Xp SP2 alors que je suis en XP SP3. C'est bien cela? Ce n'est pas une erreur de pack ?

Bonjour, Xp SP3... Pour la console, je ne savais pas si c'était vraiment utile de l'installer.

Bonjour à tous. Voila, cela fait presque 2 semaines que je me retrouve ennuyé par des pubs intempestives qui s'ouvrent exclusivement par Internet explorer, et ce même si je ne suis pas en train de naviguer. A savoir que je navigue exclusivement par Firefox Mozilla. Symptômes recensés: 1 - D'après mon pare-feu, IE semble se connecter à l'ouverture du PC alors qu'aucune fenêtre n'est pourtant apparente. 2 - De façon aléatoire, une page de pub (pas que française), différente à chaque fois apparait même sans aucune connexion de navigateur demandée et mêm si je n'ai pas autorisé l'accès à internet par le biais de mon part feu. 3 - Le son PC, lors d'écoute de films ou musiques, se met à zéro tout seul. Une fois le son remis, il se recoupe de façon aléatoire. 4 - Lorsque je suis sur une fenêtre ouverte, que ce soit internet, MSn, fichier word, ect, toujours de façon aléatoire, cette fenêtre se retrouve dé-sélectionnée sans que je n'en fasse la demande (difficile à expliquer ceci, j'espère que vous me comprendrez). Je précise que mon anti virus est à jour (mcafee version pro) et protégé par un parefeu Symantec protection agent 5.1. Je scanne régulièrement mon pc avec Ad-aware, Spyboot, Malware malbytes et ceux-ci ne trouvent rien. J'ai donc scanné mon pc avec différents logiciels comme ad-removal, Gmer (mon pc plante et reboote tout seul si ce n'est pas fait en mode sans echec), ZHPfix, easy cleaner, fseasyclean.. Toujours sans succès. En ayant parcouru de nombreux forums, les rapports Hijackthis + combofix + MBRcheck sont requis afin d'y voir plus clair... Alors les voici : ComboFix 10-07-22.01 - Papa 23/07/2010 12:18:39.1.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2038.1394 [GMT 2:00] Lancé depuis: c:\documents and settings\Papa\Bureau\ComboFix.exe AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} FW: Symantec Protection Agent 5.1 *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés du 2010-06-23 au 2010-07-23 )))))))))))))))))))))))))))))))))))) . 2010-07-23 10:04 . 2010-07-23 10:04 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE 2010-07-23 10:03 . 2010-07-23 10:03 -------- d-sh--w- c:\documents and settings\Papa\IETldCache 2010-07-23 10:02 . 2010-07-23 10:02 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-07-23 09:59 . 2009-01-07 16:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2010-07-23 09:58 . 2010-07-23 09:59 -------- dc-h--w- c:\windows\ie8 2010-07-23 05:08 . 2010-07-12 08:55 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-07-20 09:36 . 2010-07-20 09:37 -------- d-----w- C:\rsit 2010-07-20 09:04 . 2010-07-23 00:18 -------- d-----w- c:\program files\Ad-Remover 2010-07-20 08:38 . 2010-07-20 08:43 -------- d-----w- c:\program files\ZHPFix 2010-07-20 08:31 . 2010-07-20 08:55 -------- d-----w- c:\program files\ZHPDiag 2010-07-18 18:26 . 2010-07-18 18:26 -------- d-----w- c:\documents and settings\NetworkService\Bureau 2010-07-18 11:31 . 2010-07-12 08:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-07-18 11:08 . 2010-07-18 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2010-07-18 11:06 . 2010-07-18 11:06 -------- d-----w- c:\documents and settings\Papa\Local Settings\Application Data\Sunbelt Software 2010-07-18 11:05 . 2010-07-18 11:05 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E} 2010-07-18 11:05 . 2010-07-12 08:56 2979280 -c--a-w- c:\documents and settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}\Ad-AwareInstall.exe 2010-07-18 11:04 . 2010-07-18 11:04 -------- d-----w- c:\program files\Lavasoft 2010-07-18 08:24 . 2010-07-20 09:51 -------- d-----w- c:\program files\trend micro 2010-07-18 08:23 . 2010-07-18 08:23 388096 ----a-r- c:\documents and settings\Papa\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-07-17 18:57 . 2010-07-17 18:57 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys 2010-07-17 15:51 . 2010-07-23 09:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-17 15:51 . 2010-07-17 15:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-07-17 15:16 . 2010-07-17 15:16 -------- d-----w- c:\program files\Fichiers communs\Java 2010-07-15 16:59 . 2010-07-15 17:02 -------- d-----w- c:\documents and settings\Papa\Application Data\QuickScan 2010-07-15 16:59 . 2010-05-31 14:34 702120 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll 2010-07-15 16:59 . 2010-05-31 14:34 868456 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll 2010-07-15 11:59 . 2010-07-15 12:00 -------- d-----w- c:\program files\HomePlayer 2010-07-13 17:11 . 2010-07-13 17:11 61440 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-489f32aa-n\decora-sse.dll 2010-07-13 17:11 . 2010-07-13 17:11 12800 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-489f32aa-n\decora-d3d.dll 2010-07-13 17:11 . 2010-07-13 17:11 503808 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\msvcp71.dll 2010-07-13 17:11 . 2010-07-13 17:11 499712 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\jmc.dll 2010-07-13 17:11 . 2010-07-13 17:11 348160 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\msvcr71.dll 2010-07-13 09:44 . 2010-07-13 09:44 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2010-07-13 09:25 . 2010-07-13 09:25 503808 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\msvcp71.dll 2010-07-13 09:25 . 2010-07-13 09:25 499712 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\jmc.dll 2010-07-13 09:25 . 2010-07-13 09:25 348160 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\msvcr71.dll 2010-07-13 09:25 . 2010-07-13 09:25 61440 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5653cfa5-n\decora-sse.dll 2010-07-13 09:25 . 2010-07-13 09:25 12800 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5653cfa5-n\decora-d3d.dll 2010-07-13 09:25 . 2010-06-22 02:36 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-13 00:19 . 2010-07-13 00:19 -------- d-----r- c:\documents and settings\NetworkService\Favoris 2010-07-11 09:02 . 2010-07-23 10:03 -------- d-----r- c:\documents and settings\LocalService\Favoris . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-20 18:03 . 2010-03-03 23:19 -------- d-----w- c:\documents and settings\Papa\Application Data\vlc 2010-07-20 12:59 . 2009-08-24 12:38 -------- d-----w- c:\documents and settings\Papa\Application Data\uTorrent 2010-07-18 11:30 . 2009-10-31 03:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-07-18 11:04 . 2009-10-23 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-07-18 10:08 . 2010-04-23 15:46 -------- d-----w- c:\program files\CCleaner 2010-07-17 15:16 . 2009-08-23 23:43 -------- d-----w- c:\program files\Java 2010-07-16 12:16 . 2010-01-10 14:48 -------- d-----w- c:\documents and settings\Juju\Application Data\vlc 2010-07-15 12:48 . 2009-11-27 23:35 -------- d-----w- c:\documents and settings\Papa\Application Data\dvdcss 2010-07-14 12:11 . 2009-08-24 12:39 -------- d-----w- c:\program files\uTorrent 2010-07-06 20:26 . 2010-03-04 14:36 -------- d-----w- c:\documents and settings\Tilou\Application Data\vlc 2010-06-18 21:10 . 2009-08-24 14:59 -------- d-----w- c:\program files\Messenger Plus! Live 2010-06-16 20:37 . 2009-09-06 10:11 -------- d-----w- c:\program files\Freeplayer 2010-06-15 23:20 . 2010-05-14 18:15 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-06-15 23:20 . 2010-05-09 15:03 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX 2010-06-15 23:19 . 2010-06-15 23:19 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe 2010-06-15 23:19 . 2009-08-23 23:56 -------- d-----w- c:\program files\Fichiers communs\DivX Shared 2010-06-15 23:19 . 2009-08-23 23:56 -------- d-----w- c:\program files\DivX 2010-06-15 23:19 . 2010-06-15 23:19 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 84062 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe 2010-06-15 23:16 . 2010-05-14 18:15 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll 2010-06-15 23:16 . 2010-05-14 18:15 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe 2010-06-15 19:14 . 2009-08-23 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2010-06-15 19:14 . 2010-06-15 19:14 -------- d-----w- c:\program files\common files 2010-06-15 19:14 . 2010-06-15 19:14 -------- d-----w- c:\program files\Fichiers communs\McAfee 2010-06-15 19:14 . 2009-08-23 23:48 -------- d-----w- c:\program files\McAfee 2010-06-03 08:05 . 2010-06-18 23:27 343552 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll 2010-05-14 18:15 . 2010-05-14 18:15 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe 2010-05-14 18:14 . 2010-05-14 18:14 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe 2010-05-09 13:20 . 2008-04-14 12:00 72126 ----a-w- c:\windows\system32\perfc00C.dat 2010-05-09 13:20 . 2008-04-14 12:00 460986 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-29 13:39 . 2009-10-24 10:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-29 13:39 . 2009-10-24 10:25 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-27 18:40 . 2009-08-23 23:56 126448 ------w- c:\windows\system32\pxinsi64.exe 2010-04-27 18:40 . 2009-08-23 23:56 123888 ------w- c:\windows\system32\pxcpyi64.exe 2010-04-27 18:40 . 2009-08-23 23:39 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys 2010-04-27 18:40 . 2009-08-23 23:39 133616 ------w- c:\windows\system32\pxafs.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-01-23 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-01-23 126976] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-06-08 111952] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel du Petit Larousse 2010.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Hyperappel du Petit Larousse 2010.lnk backup=c:\windows\pss\Hyperappel du Petit Larousse 2010.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2008-10-14 19:38 623992 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamserviceHD] 2008-02-06 13:21 79144 ----a-w- c:\program files\Hercules\Hercules DualPix HD Webcam\CamService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2009-05-28 16:43 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] 2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2004-10-14 12:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2010-07-14 01:16 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\HomePlayer\\HomePlayer.exe"= "c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [17/07/2010 20:57 41256] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18/07/2010 13:31 64288] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/07/2010 10:55 1352832] S3 APL531;Hercules Dualpix HD Webcam;c:\windows\system32\drivers\HDvidv.sys [31/01/2010 20:07 285952] S3 atidgllk;atidgllk;c:\dell\drivers\R105090\atidgllk.sys [24/08/2009 02:34 5120] S3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys [31/01/2010 20:07 103720] S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [21/02/2010 18:56 23456] S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\documents and settings\Papa\Local Settings\Temp\{97579417-DE09-4743-B59B-611E72D87A72}\fsgk.sys --> c:\documents and settings\Papa\Local Settings\Temp\{97579417-DE09-4743-B59B-611E72D87A72}\fsgk.sys [?] S3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits);c:\windows\system32\drivers\fbxusb32.sys [20/10/2004 14:23 31128] S4 Pcmcvc;Pcmcvc; [x] S4 SysGuard;SysGuard;c:\windows\system32\drivers\Sysguard.sys [24/08/2009 01:50 42496] . Contenu du dossier 'Tâches planifiées' 2010-07-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-07-12 08:55] . . ------- Examen supplémentaire ------- . FF - ProfilePath - c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\ FF - prefs.js: browser.startup.homepage - www.google.fr FF - component: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll FF - plugin: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHELINS SUPPRIMES - - - - ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file) MSConfigStartUp-Device Detection - c:\program files\Auchan\Photogenie\dd.exe MSConfigStartUp-qplsec - c:\windows\system32\qwmmmse.exe MSConfigStartUp-UIUCU - c:\docume~1\Papa\LOCALS~1\Temp\UIUCU.EXE ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-23 12:23 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vsdatant] "ImagePath"="" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,6b,47,75,66,68,fa,46,a4,06,48,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,6b,47,75,66,68,fa,46,a4,06,48,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3448) c:\windows\system32\webcheck.dll c:\windows\system32\IEFRAME.dll c:\windows\system32\eappprxy.dll c:\program files\Symantec\SPA\SnacNp.dll . Heure de fin: 2010-07-23 12:25:48 ComboFix-quarantined-files.txt 2010-07-23 10:25 Avant-CF: 15 708 676 096 octets libres Après-CF: 15 824 404 480 octets libres - - End Of File - - 4632705EFAF094A6D9DE8EB65D49CECC --------------------------------------------------------------------------------------------------- ComboFix 10-07-22.01 - Papa 23/07/2010 12:18:39.1.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2038.1394 [GMT 2:00] Lancé depuis: c:\documents and settings\Papa\Bureau\ComboFix.exe AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} FW: Symantec Protection Agent 5.1 *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés du 2010-06-23 au 2010-07-23 )))))))))))))))))))))))))))))))))))) . 2010-07-23 10:04 . 2010-07-23 10:04 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE 2010-07-23 10:03 . 2010-07-23 10:03 -------- d-sh--w- c:\documents and settings\Papa\IETldCache 2010-07-23 10:02 . 2010-07-23 10:02 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-07-23 09:59 . 2009-01-07 16:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2010-07-23 09:58 . 2010-07-23 09:59 -------- dc-h--w- c:\windows\ie8 2010-07-23 05:08 . 2010-07-12 08:55 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-07-20 09:36 . 2010-07-20 09:37 -------- d-----w- C:\rsit 2010-07-20 09:04 . 2010-07-23 00:18 -------- d-----w- c:\program files\Ad-Remover 2010-07-20 08:38 . 2010-07-20 08:43 -------- d-----w- c:\program files\ZHPFix 2010-07-20 08:31 . 2010-07-20 08:55 -------- d-----w- c:\program files\ZHPDiag 2010-07-18 18:26 . 2010-07-18 18:26 -------- d-----w- c:\documents and settings\NetworkService\Bureau 2010-07-18 11:31 . 2010-07-12 08:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-07-18 11:08 . 2010-07-18 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2010-07-18 11:06 . 2010-07-18 11:06 -------- d-----w- c:\documents and settings\Papa\Local Settings\Application Data\Sunbelt Software 2010-07-18 11:05 . 2010-07-18 11:05 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E} 2010-07-18 11:05 . 2010-07-12 08:56 2979280 -c--a-w- c:\documents and settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}\Ad-AwareInstall.exe 2010-07-18 11:04 . 2010-07-18 11:04 -------- d-----w- c:\program files\Lavasoft 2010-07-18 08:24 . 2010-07-20 09:51 -------- d-----w- c:\program files\trend micro 2010-07-18 08:23 . 2010-07-18 08:23 388096 ----a-r- c:\documents and settings\Papa\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-07-17 18:57 . 2010-07-17 18:57 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys 2010-07-17 15:51 . 2010-07-23 09:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-17 15:51 . 2010-07-17 15:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-07-17 15:16 . 2010-07-17 15:16 -------- d-----w- c:\program files\Fichiers communs\Java 2010-07-15 16:59 . 2010-07-15 17:02 -------- d-----w- c:\documents and settings\Papa\Application Data\QuickScan 2010-07-15 16:59 . 2010-05-31 14:34 702120 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll 2010-07-15 16:59 . 2010-05-31 14:34 868456 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll 2010-07-15 11:59 . 2010-07-15 12:00 -------- d-----w- c:\program files\HomePlayer 2010-07-13 17:11 . 2010-07-13 17:11 61440 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-489f32aa-n\decora-sse.dll 2010-07-13 17:11 . 2010-07-13 17:11 12800 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-489f32aa-n\decora-d3d.dll 2010-07-13 17:11 . 2010-07-13 17:11 503808 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\msvcp71.dll 2010-07-13 17:11 . 2010-07-13 17:11 499712 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\jmc.dll 2010-07-13 17:11 . 2010-07-13 17:11 348160 ----a-w- c:\documents and settings\Tilou\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-13680281-n\msvcr71.dll 2010-07-13 09:44 . 2010-07-13 09:44 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2010-07-13 09:25 . 2010-07-13 09:25 503808 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\msvcp71.dll 2010-07-13 09:25 . 2010-07-13 09:25 499712 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\jmc.dll 2010-07-13 09:25 . 2010-07-13 09:25 348160 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4184f128-n\msvcr71.dll 2010-07-13 09:25 . 2010-07-13 09:25 61440 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5653cfa5-n\decora-sse.dll 2010-07-13 09:25 . 2010-07-13 09:25 12800 ----a-w- c:\documents and settings\Papa\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5653cfa5-n\decora-d3d.dll 2010-07-13 09:25 . 2010-06-22 02:36 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-13 00:19 . 2010-07-13 00:19 -------- d-----r- c:\documents and settings\NetworkService\Favoris 2010-07-11 09:02 . 2010-07-23 10:03 -------- d-----r- c:\documents and settings\LocalService\Favoris . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-20 18:03 . 2010-03-03 23:19 -------- d-----w- c:\documents and settings\Papa\Application Data\vlc 2010-07-20 12:59 . 2009-08-24 12:38 -------- d-----w- c:\documents and settings\Papa\Application Data\uTorrent 2010-07-18 11:30 . 2009-10-31 03:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-07-18 11:04 . 2009-10-23 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-07-18 10:08 . 2010-04-23 15:46 -------- d-----w- c:\program files\CCleaner 2010-07-17 15:16 . 2009-08-23 23:43 -------- d-----w- c:\program files\Java 2010-07-16 12:16 . 2010-01-10 14:48 -------- d-----w- c:\documents and settings\Juju\Application Data\vlc 2010-07-15 12:48 . 2009-11-27 23:35 -------- d-----w- c:\documents and settings\Papa\Application Data\dvdcss 2010-07-14 12:11 . 2009-08-24 12:39 -------- d-----w- c:\program files\uTorrent 2010-07-06 20:26 . 2010-03-04 14:36 -------- d-----w- c:\documents and settings\Tilou\Application Data\vlc 2010-06-18 21:10 . 2009-08-24 14:59 -------- d-----w- c:\program files\Messenger Plus! Live 2010-06-16 20:37 . 2009-09-06 10:11 -------- d-----w- c:\program files\Freeplayer 2010-06-15 23:20 . 2010-05-14 18:15 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-06-15 23:20 . 2010-05-09 15:03 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX 2010-06-15 23:19 . 2010-06-15 23:19 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe 2010-06-15 23:19 . 2009-08-23 23:56 -------- d-----w- c:\program files\Fichiers communs\DivX Shared 2010-06-15 23:19 . 2009-08-23 23:56 -------- d-----w- c:\program files\DivX 2010-06-15 23:19 . 2010-06-15 23:19 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe 2010-06-15 23:19 . 2010-06-15 23:19 84062 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe 2010-06-15 23:18 . 2010-06-15 23:18 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe 2010-06-15 23:16 . 2010-05-14 18:15 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll 2010-06-15 23:16 . 2010-05-14 18:15 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe 2010-06-15 19:14 . 2009-08-23 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2010-06-15 19:14 . 2010-06-15 19:14 -------- d-----w- c:\program files\common files 2010-06-15 19:14 . 2010-06-15 19:14 -------- d-----w- c:\program files\Fichiers communs\McAfee 2010-06-15 19:14 . 2009-08-23 23:48 -------- d-----w- c:\program files\McAfee 2010-06-03 08:05 . 2010-06-18 23:27 343552 ----a-w- c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll 2010-05-14 18:15 . 2010-05-14 18:15 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-05-14 18:15 . 2010-05-14 18:15 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe 2010-05-14 18:14 . 2010-05-14 18:14 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe 2010-05-09 13:20 . 2008-04-14 12:00 72126 ----a-w- c:\windows\system32\perfc00C.dat 2010-05-09 13:20 . 2008-04-14 12:00 460986 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-29 13:39 . 2009-10-24 10:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-29 13:39 . 2009-10-24 10:25 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-27 18:40 . 2009-08-23 23:56 126448 ------w- c:\windows\system32\pxinsi64.exe 2010-04-27 18:40 . 2009-08-23 23:56 123888 ------w- c:\windows\system32\pxcpyi64.exe 2010-04-27 18:40 . 2009-08-23 23:39 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys 2010-04-27 18:40 . 2009-08-23 23:39 133616 ------w- c:\windows\system32\pxafs.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-01-23 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-01-23 126976] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-06-08 111952] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel du Petit Larousse 2010.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Hyperappel du Petit Larousse 2010.lnk backup=c:\windows\pss\Hyperappel du Petit Larousse 2010.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2008-10-14 19:38 623992 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamserviceHD] 2008-02-06 13:21 79144 ----a-w- c:\program files\Hercules\Hercules DualPix HD Webcam\CamService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2009-05-28 16:43 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] 2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2004-10-14 12:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2010-07-14 01:16 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\HomePlayer\\HomePlayer.exe"= "c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [17/07/2010 20:57 41256] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18/07/2010 13:31 64288] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/07/2010 10:55 1352832] S3 APL531;Hercules Dualpix HD Webcam;c:\windows\system32\drivers\HDvidv.sys [31/01/2010 20:07 285952] S3 atidgllk;atidgllk;c:\dell\drivers\R105090\atidgllk.sys [24/08/2009 02:34 5120] S3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys [31/01/2010 20:07 103720] S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [21/02/2010 18:56 23456] S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\documents and settings\Papa\Local Settings\Temp\{97579417-DE09-4743-B59B-611E72D87A72}\fsgk.sys --> c:\documents and settings\Papa\Local Settings\Temp\{97579417-DE09-4743-B59B-611E72D87A72}\fsgk.sys [?] S3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits);c:\windows\system32\drivers\fbxusb32.sys [20/10/2004 14:23 31128] S4 Pcmcvc;Pcmcvc; [x] S4 SysGuard;SysGuard;c:\windows\system32\drivers\Sysguard.sys [24/08/2009 01:50 42496] . Contenu du dossier 'Tâches planifiées' 2010-07-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-07-12 08:55] . . ------- Examen supplémentaire ------- . FF - ProfilePath - c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\ FF - prefs.js: browser.startup.homepage - www.google.fr FF - component: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll FF - plugin: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: c:\documents and settings\Papa\Application Data\Mozilla\Firefox\Profiles\kjf9dznv.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHELINS SUPPRIMES - - - - ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file) MSConfigStartUp-Device Detection - c:\program files\Auchan\Photogenie\dd.exe MSConfigStartUp-qplsec - c:\windows\system32\qwmmmse.exe MSConfigStartUp-UIUCU - c:\docume~1\Papa\LOCALS~1\Temp\UIUCU.EXE ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-23 12:23 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\vsdatant] "ImagePath"="" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,6b,47,75,66,68,fa,46,a4,06,48,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,6b,47,75,66,68,fa,46,a4,06,48,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3448) c:\windows\system32\webcheck.dll c:\windows\system32\IEFRAME.dll c:\windows\system32\eappprxy.dll c:\program files\Symantec\SPA\SnacNp.dll . Heure de fin: 2010-07-23 12:25:48 ComboFix-quarantined-files.txt 2010-07-23 10:25 Avant-CF: 15 708 676 096 octets libres Après-CF: 15 824 404 480 octets libres - - End Of File - - 4632705EFAF094A6D9DE8EB65D49CECC ------------------------------------------------------------------------------------------------------------------ MBRCheck, version 1.1.1 © 2010, AD \\.\C: --> \\.\PhysicalDrive0 \\.\D: --> \\.\PhysicalDrive0 Size Device Name MBR Status -------------------------------------------- 74 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)! Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: Done! Press ENTER to exit... Voilà. Si par bonheur, l'une ou l'un d'entre vous serait assez aimable de se pencher sur mon cas, je lui en serais bien reconnaissant. Si vous avez besoin d'autres éléments, rapport, etc, je reste à votre disposition bien sûr D'avance merci.