Se connecter / S'enregistrer
Votre question

Rapport Hijackthis [Résolu]

Tags :
  • Hijackthis
  • Sécurité
Dernière réponse : dans Sécurité et virus
25 Octobre 2008 02:40:41

Bonjour

Et oui si j envoie ce message c'est que mon PC rame... à mort!!!
Donc j'ai laissé un Scan Hijackthis et je l'ai copié ci-dessous

Merci pour votre aide

Kenavo

Taz... exilé aux USA


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:33:34, on 25/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Emmanuel & Elodie\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer Provided by Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 53.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [OEM Tools 32] tres32.exe
O4 - HKLM\..\Run: [Microsoft media services] winmplayer.exe
O4 - HKLM\..\Run: [wvsvc] wvsvc.exe
O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\Run: [gujmkdqarzrn] C:\WINDOWS\System32\xubbzk.exe
O4 - HKLM\..\Run: [conscorr] C:\WINDOWS\conscorr.exe
O4 - HKLM\..\Run: [Windows SYSTEM32] Realplayer.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\Run: [Printer] C:\WINDOWS\private.exe
O4 - HKLM\..\Run: [Microsoft Service Manager] scvhost.exe
O4 - HKLM\..\Run: [netservices] recall.exe
O4 - HKLM\..\Run: [F62BE501] C:\WINDOWS\System32\kggfcikjca.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] wind32.exe
O4 - HKLM\..\Run: [Realplayer One] realplay.exe
O4 - HKLM\..\Run: [Sys29] C:\windows\system32\wincxz32.exe
O4 - HKLM\..\Run: [2Xldw8.exe] C:\documents and settings\elodie a mas\local settings\temp\2Xldw8.exe
O4 - HKLM\..\Run: [2Xldw8] C:\documents and settings\elodie a mas\local settings\temp\2Xldw8.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [TopSearch] C:\Program Files\TopSearch\TopSearch.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [toprm] "C:\Program Files\Web__Rebates\webrebatesv.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\McRegWiz.exe /autorun
O4 - HKLM\..\RunServices: [OEM Tools 32] tres32.exe
O4 - HKLM\..\RunServices: [Microsoft media services] winmplayer.exe
O4 - HKLM\..\RunServices: [wvsvc] wvsvc.exe
O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe
O4 - HKLM\..\RunServices: [Windows SYSTEM32] Realplayer.exe
O4 - HKLM\..\RunServices: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Service Manager] scvhost.exe
O4 - HKLM\..\RunServices: [netservices] recall.exe
O4 - HKLM\..\RunServices: [8575BD17] C:\WINDOWS\System32\kggfcikjca.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] wind32.exe
O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] wind32.exe
O4 - HKCU\..\Run: [netservices] recall.exe
O4 - HKCU\..\Run: [Win Updator Services] ctfnom.exe
O4 - HKCU\..\Run: [wvsvc] wvsvc.exe
O4 - HKCU\..\Run: [OEM Tools 32] tres32.exe
O4 - HKCU\..\Run: [MSN] msnmesengers.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunServices: [MSN] msnmesengers.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Win32 System Spool] spoolsvc.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [netservices] recall.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Win32 USB2 Driver] wind32.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Win32 System Spool] spoolsvc.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Win32 System Spool] spoolsvc.exe (User 'Default user')
O4 - Startup: 2WireSetup.lnk = C:\Program Files\2Wire\WebWorks.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Belkin 802.11g Wireless Card Utility.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://www.wella.de/consumer/salon_products/kp/farbbera...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\PROGRAM FILES\NORMAN\Nvc\BIN\NJEEVES.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Win32 System Spool - Unknown owner - C:\WINDOWS\System32\spoolsvc.exe (file missing)

--
End of file - 15344 bytes

Autres pages sur : rapport hijackthis resolu

a b 8 Sécurité
25 Octobre 2008 12:05:47

Bonjour,

Bien infecté :o 

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    25 Octobre 2008 19:16:23

    Salut Angeldark

    Merci pour ta réponse, j'ai suivie à la lettre tes recommandation et tu trouveras ci-dessous la copie du rapport MalwareByte...

    Kenavo

    Taz



    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1319
    Windows 5.1.2600 Service Pack 3

    25/10/2008 19:03:09
    mbam-log-2008-10-25 (19-03-09).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 133562
    Temps écoulé: 2 hour(s), 16 minute(s), 19 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 5
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 14
    Fichier(s) infecté(s): 48

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{28caeff3-0f18-4036-b504-51d73bd81abc} (Adware.MediaAccess) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{825cf5bd-8862-4430-b771-0c15c5ca8def} (Adware.MediaAccess) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{28caeff3-0f18-4036-b504-51d73bd81abc} (Adware.MediaAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28caeff3-0f18-4036-b504-51d73bd81abc} (Adware.MediaAccess) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\untopr5 (Adware.WebRebates) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSN (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Printer (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\Web__Rebates (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Web__Rebates\toprd (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\topra (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprs (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\categories (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates\toprd (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates\toprt (Adware.WebRebates) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\Web__Rebates\toprd\v468a12681c49.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Web__Rebates\toprd\y468a12857871.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Web__Rebates\toprd\z46a5b41766e5.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\README.txt (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_blnk.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_envelope.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_footer.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_hdr_autotrack_remove.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_hdr_settings.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_hdr_settings_toprebates.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_pop_circles.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_pop_circles_bg2.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\images\topr_c_warning.gif (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\topra\to1155.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\topra\topr5.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprC5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprP5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprR5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprRPMF5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprRPMP5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprRPMS5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprUPMF5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprUPMP5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprUPMS5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprXPMP5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprh\toprXPMS5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprs\toprl.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprs\toprp.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Program Files\Web__Rebates\toprs\toprs.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\adult.tbr (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\default.tbr (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\search.mnu (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\categories\drugs.mnu (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\categories\fav.mnu (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\casino-ico.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\casino.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\dating-ico.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\dating.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\drugs-ico.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\drugs.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\fav-ico.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\fav.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\WINDOWS\EliteToolBar\xml\images\virus.bmp (Adware.EliteToolBar) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates\toprd\e47fd1e223b62.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates\toprd\m46a5b479655.dat (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates\toprt\toprC5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates\toprt\toprRPMF5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Emmanuel & Elodie\Application Data\Web__Rebates\toprt\toprUPMF5.htm (Adware.WebRebates) -> Quarantined and deleted successfully.
    Contenus similaires
    a b 8 Sécurité
    25 Octobre 2008 20:59:29

    Reposte un rapport Hijackthis.
    26 Octobre 2008 02:04:22

    Salut

    Ci-dessous le rapport Hijackthis que je viens de lancer

    Kenavo et Merci :) 

    Taz



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 02:03:18, on 26/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
    C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\utility.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Network Associates\VirusScan\mcshield.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Emmanuel & Elodie\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer Provided by Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [OEM Tools 32] tres32.exe
    O4 - HKLM\..\Run: [Microsoft media services] winmplayer.exe
    O4 - HKLM\..\Run: [wvsvc] wvsvc.exe
    O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe
    O4 - HKLM\..\Run: [gujmkdqarzrn] C:\WINDOWS\System32\xubbzk.exe
    O4 - HKLM\..\Run: [conscorr] C:\WINDOWS\conscorr.exe
    O4 - HKLM\..\Run: [Windows SYSTEM32] Realplayer.exe
    O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
    O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    O4 - HKLM\..\Run: [Win32 System Spool] spoolsvc.exe
    O4 - HKLM\..\Run: [Microsoft Service Manager] scvhost.exe
    O4 - HKLM\..\Run: [netservices] recall.exe
    O4 - HKLM\..\Run: [F62BE501] C:\WINDOWS\System32\kggfcikjca.exe
    O4 - HKLM\..\Run: [Win32 USB2 Driver] wind32.exe
    O4 - HKLM\..\Run: [Realplayer One] realplay.exe
    O4 - HKLM\..\Run: [Sys29] C:\windows\system32\wincxz32.exe
    O4 - HKLM\..\Run: [2Xldw8.exe] C:\documents and settings\elodie a mas\local settings\temp\2Xldw8.exe
    O4 - HKLM\..\Run: [2Xldw8] C:\documents and settings\elodie a mas\local settings\temp\2Xldw8.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe"
    O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220"
    O4 - HKLM\..\Run: [TopSearch] C:\Program Files\TopSearch\TopSearch.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [toprm] "C:\Program Files\Web__Rebates\webrebatesv.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\McRegWiz.exe /autorun
    O4 - HKLM\..\RunServices: [OEM Tools 32] tres32.exe
    O4 - HKLM\..\RunServices: [Microsoft media services] winmplayer.exe
    O4 - HKLM\..\RunServices: [wvsvc] wvsvc.exe
    O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe
    O4 - HKLM\..\RunServices: [Windows SYSTEM32] Realplayer.exe
    O4 - HKLM\..\RunServices: [Win32 System Spool] spoolsvc.exe
    O4 - HKLM\..\RunServices: [Microsoft Service Manager] scvhost.exe
    O4 - HKLM\..\RunServices: [netservices] recall.exe
    O4 - HKLM\..\RunServices: [8575BD17] C:\WINDOWS\System32\kggfcikjca.exe
    O4 - HKLM\..\RunServices: [Win32 USB2 Driver] wind32.exe
    O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
    O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
    O4 - HKCU\..\Run: [Win32 USB2 Driver] wind32.exe
    O4 - HKCU\..\Run: [netservices] recall.exe
    O4 - HKCU\..\Run: [Win Updator Services] ctfnom.exe
    O4 - HKCU\..\Run: [wvsvc] wvsvc.exe
    O4 - HKCU\..\Run: [OEM Tools 32] tres32.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\RunServices: [MSN] msnmesengers.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Win32 System Spool] spoolsvc.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [netservices] recall.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Win32 USB2 Driver] wind32.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Win32 System Spool] spoolsvc.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Win32 System Spool] spoolsvc.exe (User 'Default user')
    O4 - Startup: 2WireSetup.lnk = C:\Program Files\2Wire\WebWorks.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O4 - Global Startup: Belkin 802.11g Wireless Card Utility.lnk = ?
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
    O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://www.wella.de/consumer/salon_products/kp/farbbera...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\PROGRAM FILES\NORMAN\Nvc\BIN\NJEEVES.EXE
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Win32 System Spool - Unknown owner - C:\WINDOWS\System32\spoolsvc.exe (file missing)

    --
    End of file - 14440 bytes
    a b 8 Sécurité
    27 Octobre 2008 12:37:58

    Re,

    Tu as combien d'antivirus ?

    [#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    28 Octobre 2008 00:26:25

    Salut

    J'ai lancé le prog...
    Par contre je n'ai pas installé la console de récupération car mon PC n'était pas connecté au Net

    Merci @+

    Taz


    ComboFix 08-10-27.01 - Emmanuel & Elodie 2008-10-28 0:01:01.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.123 [GMT 1:00]
    * Un nouveau point de restauration a été créé
    * Resident AV is active


    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .
    Error: Cfolders.dat

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\Downloaded Program Files\setup.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_NDIS_TCP_LAYER_TRANSPORT_DEVICE
    -------\Legacy_WIN32_SYSTEM_SPOOL
    -------\Legacy_WIN32_USB2_DRIVER
    -------\Service_Win32 System Spool


    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-27 au 2008-10-27 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-26 01:16 . 2008-10-26 01:17 <REP> d-------- C:\Documents and Settings\Emmanuel & Elodie\Application Data\vlc
    2008-10-26 01:16 . 2008-10-27 03:04 <REP> d-------- C:\Documents and Settings\Emmanuel & Elodie\Application Data\dvdcss
    2008-10-26 01:14 . 2008-10-26 01:14 <REP> d-------- C:\Program Files\VideoLAN
    2008-10-25 15:37 . 2008-10-25 15:37 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-25 15:37 . 2008-10-25 15:37 <REP> d-------- C:\Documents and Settings\Emmanuel & Elodie\Application Data\Malwarebytes
    2008-10-25 15:37 . 2008-10-25 15:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-25 15:37 . 2008-10-22 15:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-25 15:37 . 2008-10-22 15:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-25 04:34 . 2008-10-25 04:34 <REP> d-------- C:\Program Files\7-Zip
    2008-10-25 02:05 . 2008-10-25 02:13 1,393 --a------ C:\WINDOWS\imsins.BAK
    2008-10-25 02:04 . 2008-10-25 02:04 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-10-25 01:30 . 2008-09-08 11:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
    2008-10-25 01:29 . 2008-08-14 14:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-25 01:29 . 2008-08-14 14:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-25 01:29 . 2008-09-15 16:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
    2008-10-25 01:28 . 2008-08-14 14:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-25 01:28 . 2008-08-14 14:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-25 01:28 . 2008-10-15 17:35 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
    2008-10-24 23:38 . 2008-10-24 23:38 <REP> d-------- C:\WINDOWS\system32\fr
    2008-10-24 23:38 . 2008-10-24 23:38 <REP> d-------- C:\WINDOWS\l2schemas
    2008-10-24 19:07 . 2008-04-14 03:33 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
    2008-10-24 19:06 . 2008-04-14 03:33 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
    2008-10-24 19:06 . 2008-04-14 03:33 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
    2008-10-24 19:06 . 2008-04-14 03:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
    2008-10-24 19:06 . 2008-04-14 03:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll
    2008-10-24 19:06 . 2008-04-14 03:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll
    2008-10-24 19:05 . 2008-04-14 03:33 412,160 --------- C:\WINDOWS\system32\photometadatahandler.dll
    2008-10-24 19:05 . 2008-04-14 03:33 293,376 --------- C:\WINDOWS\system32\qagentrt.dll
    2008-10-24 19:05 . 2008-04-14 03:33 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll
    2008-10-24 19:05 . 2008-04-14 03:33 151,040 --------- C:\WINDOWS\system32\qagent.dll
    2008-10-24 19:05 . 2008-04-14 03:33 144,896 --------- C:\WINDOWS\system32\onex.dll
    2008-10-24 19:05 . 2008-04-14 03:33 76,800 --------- C:\WINDOWS\system32\qutil.dll
    2008-10-24 19:05 . 2008-04-14 03:33 62,464 --------- C:\WINDOWS\system32\qcliprov.dll
    2008-10-24 19:05 . 2008-04-14 03:33 61,952 --------- C:\WINDOWS\system32\rasqec.dll
    2008-10-24 19:05 . 2008-04-14 03:34 32,768 --------- C:\WINDOWS\system32\setupn.exe
    2008-10-24 19:05 . 2008-04-13 19:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
    2008-10-24 19:03 . 2008-04-14 03:33 61,440 --------- C:\WINDOWS\system32\kmsvc.dll
    2008-10-24 19:03 . 2008-04-14 03:33 37,376 --------- C:\WINDOWS\system32\l2gpstore.dll
    2008-10-24 19:03 . 2008-04-14 03:31 6,144 --------- C:\WINDOWS\system32\kbdpash.dll
    2008-10-24 19:03 . 2008-04-14 03:31 6,144 --------- C:\WINDOWS\system32\kbdnepr.dll
    2008-10-24 19:03 . 2008-04-14 03:31 6,144 --------- C:\WINDOWS\system32\kbdiultn.dll
    2008-10-24 19:03 . 2008-04-14 03:31 6,144 --------- C:\WINDOWS\system32\kbdbhc.dll
    2008-10-24 19:03 . 2008-04-14 03:10 2,524 --------- C:\WINDOWS\system32\pid.inf
    2008-10-24 19:01 . 2008-04-14 03:33 233,472 --------- C:\WINDOWS\system32\azroles.dll
    2008-10-24 19:01 . 2008-04-14 03:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll
    2008-10-24 19:01 . 2008-04-14 03:33 7,168 --------- C:\WINDOWS\system32\bitsprx4.dll
    2008-10-24 17:00 . 2007-07-19 01:39 490,776 -ra------ C:\WINDOWS\system32\drivers\LV561AV.SYS
    2008-10-24 17:00 . 2007-07-19 01:43 490,008 -ra------ C:\WINDOWS\system32\LVUI2.dll
    2008-10-24 17:00 . 2007-07-19 01:44 465,432 -ra------ C:\WINDOWS\system32\LVUI2RC.dll
    2008-10-24 17:00 . 2007-07-19 01:40 416,280 -ra------ C:\WINDOWS\system32\lvcodec2.dll
    2008-10-24 17:00 . 2007-07-19 01:40 195,096 -ra------ C:\WINDOWS\system32\lvci1110.dll
    2008-10-24 17:00 . 2007-07-19 00:54 58,163 -ra------ C:\WINDOWS\system32\lvcoinst.ini
    2008-10-24 17:00 . 2007-07-19 01:44 41,752 -ra------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
    2008-10-24 17:00 . 2007-07-19 00:55 19,344 -ra------ C:\WINDOWS\system32\Repository.reg
    2008-10-24 16:54 . 2008-10-25 02:15 <REP> d-------- C:\Program Files\Logitech
    2008-10-24 16:54 . 2008-10-24 17:00 <REP> d-------- C:\Program Files\Fichiers communs\LogiShrd
    2008-10-24 16:54 . 2008-10-24 16:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
    2008-10-24 16:53 . 2008-10-24 16:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
    2008-10-21 19:33 . 2008-10-24 16:23 <REP> d-------- C:\Program Files\ATT
    2008-10-21 17:39 . 2008-10-21 17:39 <REP> d-------- C:\Program Files\Yahoo!
    2008-10-21 17:39 . 2004-04-13 18:20 929,792 -ra------ C:\WINDOWS\system32\PRISME5.dll
    2008-10-21 17:37 . 2008-10-21 23:27 <REP> d-------- C:\Program Files\2Wire
    2008-10-19 18:52 . 2004-08-19 23:09 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
    2008-10-19 18:52 . 2008-04-13 19:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
    2008-10-19 18:52 . 2001-08-23 16:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-27 22:37 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-10-27 22:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-27 22:33 --------- d-----w C:\Documents and Settings\Emmanuel & Elodie\Application Data\Skype
    2008-10-27 22:32 --------- d-----w C:\Program Files\eMule
    2008-10-27 17:12 --------- d-----w C:\Documents and Settings\Emmanuel & Elodie\Application Data\skypePM
    2008-10-26 10:52 44,912 ----a-w C:\Documents and Settings\Emmanuel & Elodie\Application Data\wklnhst.dat
    2008-10-26 01:49 --------- d-----w C:\Documents and Settings\Emmanuel & Elodie\Application Data\Winamp
    2008-10-25 01:08 --------- d-----w C:\Program Files\Free Audio Pack
    2008-10-25 01:08 --------- d-----w C:\Documents and Settings\Emmanuel & Elodie\Application Data\Audacity
    2008-10-25 01:07 --------- d-----w C:\Program Files\Dvd-to-avi
    2008-10-25 01:05 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-24 23:15 --------- d-----w C:\Program Files\LIVEUPDATE
    2008-10-24 15:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive
    2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-09-11 19:37 --------- d-----w C:\Program Files\RamCal
    2008-09-11 19:18 --------- d-----w C:\Program Files\Skype
    2008-09-11 19:18 --------- d-----w C:\Program Files\Fichiers communs\Skype
    2008-09-11 19:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
    2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-08-26 08:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-08-14 13:23 2,191,232 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 13:23 2,068,096 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-03 10:29 127,176 ----a-w C:\Documents and Settings\Emmanuel & Elodie\Application Data\GDIPFONTCACHEV1.DAT
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-21 68856]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 335872]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-11-25 1232946]
    "MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 303104]
    "MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 212992]
    "MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2003-10-31 1074176]
    "ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" [2004-08-18 94208]
    "McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 139320]
    "Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe" [2003-10-07 147514]
    "Openwares LiveUpdate"="C:\Program Files\LiveUpdate\LiveUpdate.exe" [2003-12-13 61440]
    "EPSON Stylus Photo R220 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE" [2005-03-09 98304]
    "TopSearch"="C:\Program Files\TopSearch\TopSearch.exe" [2005-12-19 307200]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 50688]
    "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
    "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 C:\WINDOWS\system32\Ati2mdxx.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]

    C:\Documents and Settings\Emmanuel & Elodie\Menu D‚marrer\Programmes\D‚marrage\
    2WireSetup.lnk - C:\Program Files\2Wire\WebWorks.exe [2008-10-21 626688]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "SENTINEL"= snti386.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "4473:TCP"= 4473:TCP:e
    "7344:UDP"= 7344:UDP:f

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 McciCMService;McciCMService;C:\Program Files\Common Files\Motive\McciCMService.exe [2008-09-19 303104]
    S3 camvid20;Philips ToUcam Camera; Video;C:\WINDOWS\system32\DRIVERS\camdrv21.sys [ ]
    S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [ ]
    S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [ ]
    S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys [ ]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\PROGRA~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS [2003-07-24 17149]
    S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-09-19 21248]
    S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [ ]
    S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-09-19 20096]
    S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [ ]
    S3 pohci13F;pohci13F;C:\DOCUME~1\EMMANU~2\LOCALS~1\Temp\pohci13F.sys [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5a097835-1176-11d9-8454-00030d0ab8fa}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72cb5810-5a44-11dd-87f7-0011508fabbc}]
    \Shell\AutoRun\command - F:\wdsync.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db2fd1d2-773f-11dd-882e-d3b109e51dc5}]
    \Shell\AutoRun\command - WDSetup.exe
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-WOOKIT - C:\PROGRA~1\Wanadoo\GestMaj.exe
    HKCU-Run-Win32 System Spool - spoolsvc.exe
    HKCU-Run-Win32 USB2 Driver - wind32.exe
    HKCU-Run-netservices - recall.exe
    HKCU-Run-Win Updator Services - ctfnom.exe
    HKCU-Run-wvsvc - wvsvc.exe
    HKCU-Run-OEM Tools 32 - tres32.exe
    HKCU-RunServices-MSN - msnmesengers.exe
    HKLM-Run-gujmkdqarzrn - C:\WINDOWS\System32\xubbzk.exe
    HKLM-Run-conscorr - C:\WINDOWS\conscorr.exe
    HKLM-Run-DSLSTATEXE - C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
    HKLM-Run-DSLAGENTEXE - C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    HKLM-Run-F62BE501 - C:\WINDOWS\System32\kggfcikjca.exe
    HKLM-Run-Sys29 - C:\windows\system32\wincxz32.exe
    HKLM-Run-2Xldw8.exe - C:\documents and settings\elodie a mas\local settings\temp\2Xldw8.exe
    HKLM-Run-2Xldw8 - C:\documents and settings\elodie a mas\local settings\temp\2Xldw8.exe
    HKLM-Run-MPFTray - C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    HKLM-Run-toprm - C:\Program Files\Web__Rebates\webrebatesv.exe
    HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe
    HKLM-Run-TkBellExe - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    HKLM-Run-PRISMSVR.EXE - C:\WINDOWS\system32\PRISMSVR.EXE
    HKLM-Run-OEM Tools 32 - tres32.exe
    HKLM-Run-Microsoft media services - winmplayer.exe
    HKLM-Run-wvsvc - wvsvc.exe
    HKLM-Run-Windows Registry Scan - timeupdate.exe
    HKLM-Run-Win32 System Spool - spoolsvc.exe
    HKLM-Run-netservices - recall.exe
    HKLM-Run-Win32 USB2 Driver - wind32.exe
    HKLM-Run-Realplayer One - realplay.exe
    HKLM-Run-MISAggregator - (no file)
    HKLM-Run-pdfSaver3 - (no file)
    HKLM-RunServices-8575BD17 - C:\WINDOWS\System32\kggfcikjca.exe
    HKLM-RunServices-OEM Tools 32 - tres32.exe
    HKLM-RunServices-Microsoft media services - winmplayer.exe
    HKLM-RunServices-wvsvc - wvsvc.exe
    HKLM-RunServices-Windows Registry Scan - timeupdate.exe
    HKLM-RunServices-Win32 System Spool - spoolsvc.exe
    HKLM-RunServices-Microsoft Service Manager - scvhost.exe
    HKLM-RunServices-netservices - recall.exe
    HKLM-RunServices-Win32 USB2 Driver - wind32.exe
    HKLM-RunServices-Realplayer One - realplay.exe
    HKU-Default-Run-OEM Tools 32 - tres32.exe
    HKU-Default-Run-wvsvc - wvsvc.exe
    HKU-Default-Run-Win32 System Spool - spoolsvc.exe
    HKU-Default-Run-netservices - recall.exe
    HKU-Default-Run-Win32 USB2 Driver - wind32.exe
    HKU-Default-RunOnce-Win32 System Spool - spoolsvc.exe
    HKU-Default-RunOnce-netservices - recall.exe
    HKU-Default-RunOnce-Win32 USB2 Driver - wind32.exe


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\Emmanuel & Elodie\Application Data\Mozilla\Firefox\Profiles\bx8ix450.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?fr=ffsp1&p=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:o fficial
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-28 00:08:57
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\ati2evxx.exe
    C:\Program Files\Ahead\InCD\incdsrv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee.com\Agent\Mcdetect.exe
    C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
    C:\Program Files\Network Associates\VirusScan\mcshield.exe
    C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
    C:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\imapi.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-10-28 0:21:43 - La machine a redémarré
    ComboFix-quarantined-files.txt 2008-10-27 23:21:20

    Avant-CF: 10,419,757,056 octets libres
    Après-CF: 10,379,530,240 octets libres

    272 --- E O F --- 2008-10-25 18:38:03
    a b 8 Sécurité
    28 Octobre 2008 12:29:20

    Reposte un rapport Hijackthis.
    28 Octobre 2008 12:50:40

    Salut

    Rapport Hijackthis


    Tcho

    Taz



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:51:30, on 28/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Network Associates\VirusScan\mcshield.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Emmanuel & Elodie\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe"
    O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220"
    O4 - HKLM\..\Run: [TopSearch] C:\Program Files\TopSearch\TopSearch.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: 2WireSetup.lnk = C:\Program Files\2Wire\WebWorks.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
    O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://www.wella.de/consumer/salon_products/kp/farbbera...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\PROGRAM FILES\NORMAN\Nvc\BIN\NJEEVES.EXE
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 9714 bytes
    a b 8 Sécurité
    28 Octobre 2008 13:09:44

    Tu as combien d'antivirus ?
    28 Octobre 2008 19:34:19

    Bonjour

    En ce qui concerne les antivirus...
    J'ai Avast, qui ne se lance plus au démarrage depuis que j'ai utilisé ComboFix. Sinon il y a McAfee...
    Les 2 programmes tournent ensemble et n'ont jamais été en conflit.

    J'ai désinstallé Spyboot Search and Destroy. Oui désolé j'aurais du le préciser peut-être...

    Kenavo

    Taz
    a b 8 Sécurité
    28 Octobre 2008 19:37:00

    Vire les deux et mets AntiVir :) 
    28 Octobre 2008 19:51:13

    ok merci

    Je m'occupe de ça des que je rentre du taf, et je lance un scan...
    Est-ce qu'il te faut un quelconque rapport??

    Merci

    Taz
    a b 8 Sécurité
    28 Octobre 2008 20:39:08

    Tu peux faire un scan complet oui.
    29 Octobre 2008 02:49:52

    Bonjour

    J'ai lancé le scan AntiVir, il m'a trouvé quelques "fichiers indésirables".
    Ci-dessous le compte-rendu.

    Mon PC rame beaucoup moins et maintenant le démarrage se fait tout de même beaucoup plus rapidement.

    Merci

    Kenavo

    Taz



    Avira AntiVir Personal
    Report file date: mercredi 29 octobre 2008 01:25

    Scanning for 996425 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 3) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: EMMANUELODIE

    Version information:
    BUILD.DAT : 8.2.0.334 16933 Bytes 16/10/2008 14:55:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 00:23:43
    ANTIVIR1.VDF : 7.1.0.1 2048 Bytes 27/10/2008 00:23:44
    ANTIVIR2.VDF : 7.1.0.2 2048 Bytes 27/10/2008 00:23:44
    ANTIVIR3.VDF : 7.1.0.8 60928 Bytes 28/10/2008 00:23:46
    Engineversion : 8.2.0.10
    AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
    AESCRIPT.DLL : 8.1.1.9 319867 Bytes 29/10/2008 00:24:15
    AESCN.DLL : 8.1.1.3 123252 Bytes 14/10/2008 11:05:56
    AERDL.DLL : 8.1.1.2 438644 Bytes 12/09/2008 07:06:02
    AEPACK.DLL : 8.1.2.4 369014 Bytes 14/10/2008 11:05:56
    AEOFFICE.DLL : 8.1.0.29 196988 Bytes 29/10/2008 00:24:12
    AEHEUR.DLL : 8.1.0.63 1479032 Bytes 29/10/2008 00:24:09
    AEHELP.DLL : 8.1.1.2 115062 Bytes 14/10/2008 11:05:56
    AEGEN.DLL : 8.1.0.42 319861 Bytes 29/10/2008 00:23:58
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
    AECORE.DLL : 8.1.2.9 172407 Bytes 29/10/2008 00:23:54
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
    AVREP.DLL : 8.0.0.2 98344 Bytes 29/10/2008 00:23:47
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mercredi 29 octobre 2008 01:25

    The scan of running processes will be started
    Scan process 'avwsc.exe' - '0' Module(s) have been scanned
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
    Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
    Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
    Scan process 'E_FATIAIE.EXE' - '1' Module(s) have been scanned
    Scan process 'InCD.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'slserv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'mdm.exe' - '1' Module(s) have been scanned
    Scan process 'McTskshd.exe' - '1' Module(s) have been scanned
    Scan process 'Mcdetect.exe' - '1' Module(s) have been scanned
    Scan process 'McciCMService.exe' - '1' Module(s) have been scanned
    Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
    Scan process 'incdsrv.exe' - '1' Module(s) have been scanned
    Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    41 processes with 41 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '87' files ).


    Starting the file scan:

    Begin scan in 'C:\' <SYSTEM>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy1.zip
    [DETECTION] Contains suspicious code GEN/PwdZIP
    [NOTE] The detection was classified as suspicious.
    [NOTE] The file was moved to '4968aea0.qua'!
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy2.zip
    [DETECTION] Contains suspicious code GEN/PwdZIP
    [NOTE] The detection was classified as suspicious.
    [NOTE] The file was moved to '4968aea4.qua'!
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4HML0NE7\silent_install[1].exe
    [DETECTION] Is the TR/Dldr.SilentDB Trojan
    [NOTE] The file was moved to '4973bd4f.qua'!
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4HML0NE7\silent_install[2].exe
    [DETECTION] Is the TR/Dldr.SilentDB Trojan
    [NOTE] The file was moved to '4973bd55.qua'!
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4HML0NE7\silent_install[3].exe
    [DETECTION] Is the TR/Dldr.SilentDB Trojan
    [NOTE] The file was moved to '4973bd58.qua'!
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\85A7UDEF\silent_install[1].exe
    [DETECTION] Is the TR/Dldr.SilentDB Trojan
    [NOTE] The file was moved to '4973bd5b.qua'!
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SJ874HA9\silent_install[1].exe
    [DETECTION] Is the TR/Dldr.SilentDB Trojan
    [NOTE] The file was moved to '4973bd5d.qua'!


    End of the scan: mercredi 29 octobre 2008 02:33
    Used time: 1:07:28 Hour(s)

    The scan has been done completely.

    6849 Scanning directories
    376434 Files were scanned
    5 viruses and/or unwanted programs were found
    2 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    7 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    376425 Files not concerned
    1425 Archives were scanned
    2 Warnings
    7 Notes

    a b 8 Sécurité
    29 Octobre 2008 11:46:01

    Reposte un rapport Hijackthis.
    29 Octobre 2008 12:26:58

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:26:03, on 29/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Emmanuel & Elodie\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220"
    O4 - HKLM\..\Run: [TopSearch] C:\Program Files\TopSearch\TopSearch.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: 2WireSetup.lnk = C:\Program Files\2Wire\WebWorks.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
    O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://www.wella.de/consumer/salon_products/kp/farbbera...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\PROGRAM FILES\NORMAN\Nvc\BIN\NJEEVES.EXE
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 8617 bytes
    a b 8 Sécurité
    29 Octobre 2008 13:00:27

    D'autres soucis ?
    29 Octobre 2008 21:55:08

    Bonjour

    Le PC s'allume beaucoup plus vite...et rame bcp moins
    donc d'un point de vue Virus...plus de soucis

    Merci bcp
    Je clos le topic

    Kenavo

    Taz
    a b 8 Sécurité
    30 Octobre 2008 13:06:56

    Bon surf.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS