[SOLVED] Slow computer

15 June 2008 13:30:13

Hello,

After months of neglect, I have decided to take charge of my sister's computer; she simply does anything and everything with it.
Today it is extremely slow, especially on the Internet, and I no longer know what to do. I suspect it is full of useless files and of programs that have attached themselves to the computer without permission.

Here is a HijackThis log that I ran 5 minutes ago:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:09, on 15/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\Fichiers communs\InterVideo\FastTVSync\FastTVSync.exe
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\FarStone\VirtualDrive\VDTask.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing)
O1 - Hosts: 64.233.167.104 www.sophos.com
O1 - Hosts: 64.233.167.104 www.mcafee.com
O1 - Hosts: 64.233.167.104 www.viruslist.com
O1 - Hosts: 64.233.167.104 www.f-secure.com
O1 - Hosts: 64.233.167.104 www.avp.com
O1 - Hosts: 64.233.167.104 www.kaspersky.com
O1 - Hosts: 64.233.167.104 www.networkassociates.com
O1 - Hosts: 64.233.167.104 www.ca.com
O1 - Hosts: 64.233.167.104 www.my-etrust.com
O1 - Hosts: 64.233.167.104 www.nai.com
O1 - Hosts: 64.233.167.104 www.trendmicro.com
O1 - Hosts: 64.233.167.104 www.grisoft.com
O1 - Hosts: 64.233.167.104 mcafee.com
O1 - Hosts: 64.233.167.104 viruslist.com
O1 - Hosts: 64.233.167.104 f-secure.com
O1 - Hosts: 64.233.167.104 kaspersky.com
O1 - Hosts: 64.233.167.104 kaspersky-labs.com
O1 - Hosts: 64.233.167.104 avp.com
O1 - Hosts: 64.233.167.104 networkassociates.com
O1 - Hosts: 64.233.167.104 ca.com
O1 - Hosts: 64.233.167.104 mast.mcafee.com
O1 - Hosts: 64.233.167.104 my-etrust.com
O1 - Hosts: 64.233.167.104 download.mcafee.com
O1 - Hosts: 64.233.167.104 dispatch.mcafee.com
O1 - Hosts: 64.233.167.104 secure.nai.com
O1 - Hosts: 64.233.167.104 nai.com
O1 - Hosts: 64.233.167.104 us.mcafee.com
O1 - Hosts: 64.233.167.104 rads.mcafee.com
O1 - Hosts: 64.233.167.104 trendmicro.com
O1 - Hosts: 64.233.167.104 grisoft.com
O1 - Hosts: 64.233.167.104 sandbox.norman.no
O1 - Hosts: 64.233.167.104 www.pandasoftware.com
O1 - Hosts: 64.233.167.104 uk.trendmicro-europe.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0C6DCFAA-53FF-AC04-6A41-A845AD498CD6} - C:\PROGRA~1\SITEGR~1\ThirdFour.exe (file missing)
O2 - BHO: (no name) - {4A425451-241C-74E5-33AA-E58F1EBDD92D} - C:\PROGRA~1\SITEGR~1\ThirdFour.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {911A1534-8E65-448E-92AE-E22D49F870C4} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {BB904F20-02A2-49CE-B948-86D31F7EEE90} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [FastTVSync] "C:\Program Files\Fichiers communs\InterVideo\FastTVSync\FastTVSync.exe"
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [filemodedownloadping] C:\Documents and Settings\All Users\Application Data\32 Global File Mode\inside meow.exe
O4 - HKLM\..\Run: [AccessMedia P2P Loader] "C:\Program Files\p2pnetworks\amp2pl.exe" /H
O4 - HKLM\..\Run: [RuleProgramKindBall] C:\Documents and Settings\All Users\Application Data\polleachruleprogram\Soft Grid.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [MyAccessMedia] "C:\DOCUME~1\Emilie\LOCALS~1\Temp\tmp401E.exe" -Remove
O4 - HKLM\..\Run: [mediamotor.exe] C:\WINDOWS\mmups.exe
O4 - HKLM\..\Run: [Bzydy] C:\Program Files\Cesk\Fgkcbke.exe
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [serpe] C:\WINDOWS\system32\formatsys.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [n93js8tu] C:\WINDOWS\system32\n93js8tu.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [inmmeo] C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\app18.tmp
O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\system32\nfomon\nfomon.exe
O4 - HKLM\..\Run: [Getca] C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\system32\formatsys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKLM\..\Policies\Explorer\Run: [serpe] C:\WINDOWS\system32\formatsys.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
O4 - Global Startup: NETGEAR WG311v3 Wireless Assistant.lnk = ?
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
O9 - Extra 'Tools' menuitem: Launch MyAccessMedia - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
O9 - Extra button: (no name) - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Homepage Protector - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} (GoPets Control) - https://secure.gopetslive.com/dev/gopets.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Belkin 54Mbps Wireless USB Network Service (Belkin 54Mbps Wireless USB) - Unknown owner - C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 14542 bytes


15 June 2008 13:56:51

Hello,

Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware, ...)
  • Double-click ComboFix.exe.
  • Accept the licence by clicking Yes ("Oui").
  • When the operation has finished, a report will appear. Post this report in your next reply.

The report is located here: %systemdrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

Help: How to use ComboFix.

15 June 2008 15:00:01

Thank you for helping me, XmichouX!
Here is the ComboFix report:


    ComboFix 08-06-12.2 - Papa 2008-06-15 14:43:09.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.550 [GMT 2:00]
    Endroit: C:\Documents and Settings\Papa\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Application Data\nfo
    C:\Documents and Settings\All Users\Application Data\nfo\arch\298.dfn
    C:\Documents and Settings\All Users\Application Data\nfo\keys.dat
    C:\Documents and Settings\All Users\Application Data\nfo\mon0104.dbd
    C:\Documents and Settings\All Users\Application Data\nfo\mon0106.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon0204.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon0315.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon0412.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon0504.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon0904.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon1125.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon1204.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon1215.dbd
    C:\Documents and Settings\All Users\Application Data\nfo\mon1909.ddx
    C:\Documents and Settings\All Users\Application Data\nfo\mon1920.dbd
    C:\Documents and Settings\All Users\Application Data\nfo\mon2007.dbd
    C:\Documents and Settings\All Users\Application Data\vidmon
    C:\Documents and Settings\All Users\Application Data\vidmon\vidmon.inf
    C:\Documents and Settings\All Users\Application Data\vidmon\vidmonsh.inf
    C:\Documents and Settings\All Users\Application Data\vidmon\vmssh.inf
    C:\lswmv.ini
    C:\Program Files\Fichiers communs\uninstall information
    C:\Program Files\internet explorer\msimg32.dll
    C:\Program Files\MyWebSearch
    C:\Program Files\MyWebSearch\bar\2.bin\F3CJPEG.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
    C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
    C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3BKGERR.JPG
    C:\Program Files\MyWebSearch\bar\3.bin\F3BROVLY.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3CJPEG.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3HISTSW.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3IMSTUB.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3POPSWT.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR
    C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3RESTUB.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3SCHMON.EXE
    C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3SHLLVW.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\F3SPACER.WMV
    C:\Program Files\MyWebSearch\bar\3.bin\F3WALLPP.DAT
    C:\Program Files\MyWebSearch\bar\3.bin\F3WPHOOK.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.JAR
    C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.MANIFEST
    C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\M3IDLE.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\M3IMPIPE.EXE
    C:\Program Files\MyWebSearch\bar\3.bin\M3MSG.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.JAR
    C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.MANIFEST
    C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL
    C:\Program Files\MyWebSearch\bar\3.bin\M3SKPLAY.EXE
    C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
    C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL
    C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
    C:\Program Files\MyWebSearch\bar\Cache\0002E9C9.bin
    C:\Program Files\MyWebSearch\bar\Cache\0005E49B
    C:\Program Files\MyWebSearch\bar\Cache\0006AAAA
    C:\Program Files\MyWebSearch\bar\Cache\001B299D
    C:\Program Files\MyWebSearch\bar\Cache\001BE377.bin
    C:\Program Files\MyWebSearch\bar\Cache\0063655F.bin
    C:\Program Files\MyWebSearch\bar\Cache\00905D36.bin
    C:\Program Files\MyWebSearch\bar\Cache\00905F59.bin
    C:\Program Files\MyWebSearch\bar\Cache\0090611E.bin
    C:\Program Files\MyWebSearch\bar\Cache\00908C84.bin
    C:\Program Files\MyWebSearch\bar\Cache\00908FD0.bin
    C:\Program Files\MyWebSearch\bar\Cache\00955A8E.bin
    C:\Program Files\MyWebSearch\bar\Cache\00955E09.bin
    C:\Program Files\MyWebSearch\bar\Cache\00955FBF.bin
    C:\Program Files\MyWebSearch\bar\Cache\014DBF54
    C:\Program Files\MyWebSearch\bar\Cache\01B4C26C
    C:\Program Files\MyWebSearch\bar\Cache\files.ini
    C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
    C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
    C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
    C:\Program Files\MyWebSearch\bar\History\search
    C:\Program Files\MyWebSearch\bar\History\search2
    C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
    C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg.htm
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
    C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
    C:\Program Files\MyWebSearch\bar\Settings\settings.dat
    C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak
    C:\Program Files\MyWebSearch\bar\Settings\settings.htm
    C:\Program Files\MyWebSearch\bar\Settings\settings.htm.bak
    C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
    C:\Program Files\pedevice
    C:\Program Files\pedevice\communication.xml
    C:\Program Files\pedevice\Domain.Watchlist.txt
    C:\Program Files\pedevice\fixit2.exe
    C:\Program Files\pedevice\pae-options.xml
    C:\Program Files\pedevice\pae_url.xml
    C:\Program Files\pedevice\PeDev.dll
    C:\Program Files\pedevice\pedevPS.dll
    C:\Program Files\pedevice\Preparation.dll
    C:\Program Files\pedevice\search.watchlist.txt
    C:\Program Files\pedevice\statistic.xml
    C:\Program Files\pedevice\watchlist.xml
    C:\WINDOWS\FLEOK
    C:\WINDOWS\system32\f3PSSavr.scr
    C:\WINDOWS\system32\nfomon
    C:\WINDOWS\system32\vidmon

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-15 to 2008-06-15 ))))))))))))))))))))))))))))))))))))
    .

    2063-09-19 07:50 . 2063-09-19 07:50 5,501 --a------ C:\WINDOWS\system32\rtclmg32.dll
    2008-06-15 13:23 . 2008-06-15 13:23 <REP> d-------- C:\Program Files\Trend Micro
    2008-06-15 12:07 . 2008-06-15 12:07 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
    2008-06-14 00:51 . 2008-06-14 00:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
    2008-06-05 19:01 . 2008-06-05 19:01 <REP> d-------- C:\Documents and Settings\Papa\Application Data\FarStone
    2008-05-24 12:26 . 2008-05-24 12:31 29,977,495 --a------ C:\Bleach_92part2.flv.MP4
    2008-05-24 12:14 . 2008-05-24 12:15 10,202,341 --a------ C:\[AMV]Battle of Stars ; Kan'onji & Kon.flv.MP4
    2008-05-24 11:08 . 2008-05-24 11:11 18,577,969 --a------ C:\Bleach_87part1.flv.MP4
    2008-05-24 09:41 . 2008-05-24 09:44 29,319,224 --a------ C:\Bleach_92part1.flv.MP4
    2008-05-24 09:37 . 2008-05-24 09:41 24,967,672 --a------ C:\Bleach_91part2.flv.MP4
    2008-05-24 09:35 . 2008-05-24 09:37 17,854,235 --a------ C:\Bleach_91part1.flv.MP4
    2008-05-24 09:31 . 2008-05-24 09:31 23,018,923 --a------ C:\Bleach_90part1.flv.MP4.bak
    2008-05-24 09:24 . 2008-05-24 09:24 29,790,385 --a------ C:\Bleach_89part1.flv.MP4.bak
    2008-05-24 09:15 . 2008-05-24 09:18 17,502,585 --a------ C:\Bleach_87part2.MP4
    2008-05-23 22:33 . 2008-05-23 22:34 12,626,385 --a------ C:\Humor- SNL - What Is Love (Jim Carrey, Martin Short, Will Ferrell) (parody of Wayne's World car scene).mpg.MP4
    2008-05-23 22:05 . 2008-05-23 22:08 17,875,571 --a------ C:\2008-05-23_22-05-41.MP4
    2008-05-23 21:52 . 2008-05-23 21:56 19,654,820 --a------ C:\Bleach_82part1.flv.MP4
    2008-05-23 21:47 . 2008-05-23 21:52 19,673,228 --a------ C:\Bleach_82part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:28 29,115,930 --a------ C:\Bleach_89part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:35 23,018,923 --a------ C:\Bleach_90part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:31 23,018,923 --a------ C:\Bleach_90part1.flv.MP4
    2008-05-23 21:38 . 2008-05-24 09:24 29,790,385 --------- C:\Bleach_89part1.flv.MP4
    2008-05-23 21:38 . 2008-05-24 09:21 18,577,969 --a------ C:\Bleach_88.flv.MP4
    2008-05-23 21:34 . 2008-05-23 21:37 21,838,608 --a------ C:\Bleach_86Part2.flv.MP4
    2008-05-23 21:31 . 2008-05-23 21:34 19,242,802 --a------ C:\Bleach_86Part1.flv.MP4
    2008-05-23 21:29 . 2008-05-23 21:31 12,680,482 --a------ C:\Bleach_84-85PartC.flv.MP4
    2008-05-23 21:24 . 2008-05-23 21:29 27,777,389 --a------ C:\Bleach_84-85PartB.flv.MP4
    2008-05-23 21:19 . 2008-05-23 21:24 36,635,598 --a------ C:\Bleach_84-85PartA.flv.MP4
    2008-05-23 21:10 . 2008-05-23 21:14 12,144,201 --a------ C:\Bleach_83part2.flv.MP4
    2008-05-23 21:05 . 2008-05-23 21:10 23,208,051 --a------ C:\Bleach_83part1.flv.MP4
    2008-05-23 19:32 . 2008-05-23 19:34 17,875,571 --a------ C:\Bleach_81part2.flv.MP4
    2008-05-23 19:28 . 2008-05-23 19:32 19,191,213 --a------ C:\Bleach_81_Part1.flv.MP4
    2008-05-23 16:56 . 2008-05-23 17:05 99,948,712 --a------ C:\Bleach_80.flv.MP4
    2008-05-23 16:51 . 2008-05-23 16:51 <REP> d-------- C:\Program Files\AviSynth 2.5
    2008-05-23 16:51 . 2004-02-22 10:11 719,872 --a------ C:\WINDOWS\system32\devil.dll
    2008-05-23 16:51 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
    2008-05-23 16:51 . 2007-05-14 15:24 394,240 --a------ C:\WINDOWS\system32\Smab.dll
    2008-05-23 16:51 . 2007-05-17 17:30 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
    2008-05-23 16:51 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
    2008-05-23 16:51 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
    2008-05-23 16:51 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
    2008-05-23 16:51 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
    2008-05-23 16:51 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
    2008-05-23 16:51 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
    2008-05-23 16:50 . 2008-05-23 16:50 <REP> d-------- C:\Program Files\eRightSoft
    2008-05-21 13:19 . 2008-05-21 13:19 <REP> d-------- C:\Program Files\LimeWire

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-15 08:29 --------- d-----w C:\Program Files\Windows Live
    2008-06-15 08:27 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-06-15 08:16 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-06-14 13:39 --------- d-----w C:\Program Files\eMule
    2008-06-14 13:38 --------- d-----w C:\Program Files\Dofus
    2008-06-14 13:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-04 18:29 --------- d-----w C:\Program Files\Warcraft III
    2008-05-21 11:06 --------- d-----w C:\Program Files\eChanblard
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2005-04-20 19:28 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
    2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
    2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C6DCFAA-53FF-AC04-6A41-A845AD498CD6}]
    C:\PROGRA~1\SITEGR~1\ThirdFour.exe

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A425451-241C-74E5-33AA-E58F1EBDD92D}]
    C:\PROGRA~1\SITEGR~1\ThirdFour.exe

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-25 21:40 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Dit"="Dit.exe" [2002-08-28 14:43 73728 C:\WINDOWS\Dit.exe]
    "Cmaudio"="cmicnfg.cpl" [2003-12-11 16:44 2453504 C:\WINDOWS\CMICNFG.CPL]
    "Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2003-03-21 23:33 487696]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 13:50 155648]
    "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2003-11-10 17:06 406016]
    "FastTVSync"="C:\Program Files\Fichiers communs\InterVideo\FastTVSync\FastTVSync.exe" [2004-02-02 23:31 245760]
    "Home Theater SchSvr"="C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe" [2004-02-07 06:13 155648]
    "WINCINEMAMGR"="C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe" [2004-02-08 00:43 200704]
    "CHotkey"="mHotkey.exe" [2004-02-05 14:45 510464 C:\WINDOWS\mHotkey.exe]
    "ledpointer"="CNYHKey.exe" [2004-02-03 18:15 5794816 C:\WINDOWS\CNYHKey.exe]
    "filemodedownloadping"="C:\Documents and Settings\All Users\Application Data\32 Global File Mode\inside meow.exe" [ ]
    "AccessMedia P2P Loader"="C:\Program Files\p2pnetworks\amp2pl.exe" [ ]
    "RuleProgramKindBall"="C:\Documents and Settings\All Users\Application Data\polleachruleprogram\Soft Grid.exe" [ ]
    "LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 10:45 135214]
    "MyAccessMedia"="C:\DOCUME~1\Emilie\LOCALS~1\Temp\tmp401E.exe" [ ]
    "mediamotor.exe"="C:\WINDOWS\mmups.exe" [ ]
    "Bzydy"="C:\Program Files\Cesk\Fgkcbke.exe" [ ]
    "VirtualDrive"="C:\Program Files\FarStone\VirtualDrive\VDTask.exe" [2003-09-26 10:34 98304]
    "serpe"="C:\WINDOWS\system32\formatsys.exe" [ ]
    "Nsv"="C:\WINDOWS\system32\nsvsvc\nsvsvc.exe" [ ]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-11-17 11:33 3022848]
    "nwiz"="nwiz.exe" [2003-11-17 11:33 753664 C:\WINDOWS\system32\nwiz.exe]
    "n93js8tu"="C:\WINDOWS\system32\n93js8tu.exe" [ ]
    "inmmeo"="C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\app18.tmp" [ ]
    "Nfo"="C:\WINDOWS\system32\nfomon\nfomon.exe" [ ]
    "Getca"="C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe" [2004-03-10 21:57 45056]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 11:56 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]
    "LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-01-13 03:48 275800]
    "VX1000"="C:\WINDOWS\vVX1000.exe" [2006-12-06 01:38 707360]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "serpe"="C:\WINDOWS\system32\formatsys.exe" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2004-08-24 12:22 263280]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "serpe"= C:\WINDOWS\system32\formatsys.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.I420"= i420vfw.dll
    "vidc.dvsd"= dvc.dll
    "vidc.yv12"= yv12vfw.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli scecli

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\MSN\\MSNCoreFiles\\msn6.exe"=
    "C:\\Program Files\\directx\\dplaysvr.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
    "C:\\WINDOWS\\system32\\rtcshare.exe"=
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\FarStone\\VirtualDrive\\MGR.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\NetMeeting\\conf.exe"=
    "C:\\Program Files\\AMSN\\bin\\wish.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\Dofus-Arena beta 2\\DofusArena.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\eChanblard\\emule.exe"=
    "C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
    "C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
    "C:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
    "C:\\Program Files\\Warcraft III\\war3.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "6112:TCP"= 6112:TCP:Type 'WarCraft III Battle.net'

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    R2 Belkin 54Mbps Wireless USB;Belkin 54Mbps Wireless USB Network Service;C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe [2003-06-09 12:24]
    R2 LogWatch;Event Log Watch;C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 16:29]
    R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [2007-01-05 00:13]
    R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 10:04]
    R3 FVDSCSI;FVDSCSI;C:\WINDOWS\system32\DRIVERS\fvdscsi.sys [2003-08-09 10:05]
    R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
    S3 A4501A;802.11g Wireless USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\A4501A.sys [2005-06-20 07:38]
    S3 BEL6051(Belkin);Belkin 11Mbps Wireless USB Network Adapter Driver(Belkin);C:\WINDOWS\system32\DRIVERS\BEL6051.SYS []
    S3 CA_LIC_CLNT;Client de licence CA;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 16:27]
    S3 CA_LIC_SRVR;Serveur de licence CA;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 16:41]
    S3 camvid20;Philips ToUcam Camera; Video;C:\WINDOWS\system32\DRIVERS\camdrv21.sys []
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 12:35]
    S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
    S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 19:11]
    S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 19:11]
    S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 19:13]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 19:15]
    S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 10:47]
    S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 10:38]
    S3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 17:13]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
    S3 VX1000;VX-1000;C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 01:39]
    S3 ZDNDIS5;ZDNDIS5 Protocol Driver;C:\WINDOWS\system32\ZDNDIS5.SYS []

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-15 11:00:00 C:\WINDOWS\Tasks\A3AF3D459180B24D.job"
    - c:\progra~1\procda~1\Axisantiaxis.exe
    "2008-06-15 11:00:00 C:\WINDOWS\Tasks\A413B70C91842BCC.job"
    - c:\progra~1\procda~1\Axisantiaxis.exe
    "2008-06-13 21:16:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-30 17:24:44 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job"
    - C:\Program Files\Microsoft LifeCam\LifeExp.exe
    "2007-12-30 17:24:44 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job"
    - C:\WINDOWS\vVX1000.exe
    "2008-06-15 12:53:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-15 14:48:22
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...


    C:\WINDOWS\TEMP\teredo.txt 108 bytes

    Scan terminé avec succès
    Les fichiers cachés: 1

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\scardsvr.exe
    C:\WINDOWS\system32\netdde.exe
    C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\CA\SHARED~1\SCANEN~1\Inodist.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\DitExp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
    C:\Program Files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-15 14:53:58 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-06-15 12:53:53

    Pre-Run: 50,816,036,864 octets libres
    Post-Run: 51,262,947,328 octets libres

    357 --- E O F --- 2008-06-11 21:26:45
    15 Juin 2008 15:42:50

    Hi again,

    Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop.

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> run as administrator)
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
    Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)".
    Type explorer and confirm. This will bring your desktop back.
    15 Juin 2008 15:50:07

    Here is the next part:


    -----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Papa ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 15/06/2008 | 15:46:03,78 ] [ PC : ELODIE ]
    [ MAJ : 13-06-2008 | 02:10 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [04/09/2004|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\32 Global File Mode
    [18/08/2004|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/11/2007|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [05/11/2007|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [09/02/2004|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [25/10/2006|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [14/10/2006|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
    [28/04/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [12/10/2005|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/01/2006|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [05/03/2007|03:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mixtestlogomanager
    [28/04/2004|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [17/07/2006|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [07/01/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [25/10/2004|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\polleachruleprogram
    [29/10/2006|00:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [17/08/2004|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [09/02/2004|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [20/08/2005|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [14/06/2008|00:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [09/09/2006|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [26/10/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [06/01/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [29/04/2005|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs

    [10/02/2004|15:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [10/02/2004|15:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
    [10/02/2004|15:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
    [09/02/2004|23:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [10/02/2004|15:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
    [09/02/2004|23:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [10/02/2004|14:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterVideo
    [10/02/2004|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [15/03/2004|19:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [15/03/2004|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

    [10/02/2004|15:55] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [10/02/2004|15:55] C:\DOCUME~1\INVIT~1\APPLIC~1\AdobeUM
    [10/02/2004|15:45] C:\DOCUME~1\INVIT~1\APPLIC~1\Ahead
    [09/02/2004|23:45] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
    [10/02/2004|15:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
    [09/02/2004|23:49] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [10/02/2004|14:05] C:\DOCUME~1\INVIT~1\APPLIC~1\InterVideo
    [11/12/2005|12:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Lavasoft
    [10/02/2004|15:31] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [11/12/2005|17:32] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [14/11/2004|23:29] C:\DOCUME~1\INVIT~1\APPLIC~1\MSN6
    [10/10/2004|22:10] C:\DOCUME~1\INVIT~1\APPLIC~1\PROC DATE CAST
    [15/03/2004|19:48] C:\DOCUME~1\INVIT~1\APPLIC~1\Real


    [24/05/2004|22:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
    [21/08/2004|14:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [15/06/2004|23:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander


    [09/02/2004|23:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [18/02/2008|12:04] C:\DOCUME~1\Papa\APPLIC~1\Adobe
    [10/02/2004|15:55] C:\DOCUME~1\Papa\APPLIC~1\AdobeUM
    [10/02/2004|15:45] C:\DOCUME~1\Papa\APPLIC~1\Ahead
    [09/02/2004|23:45] C:\DOCUME~1\Papa\APPLIC~1\desktop.ini
    [05/06/2008|19:01] C:\DOCUME~1\Papa\APPLIC~1\FarStone
    [08/10/2007|16:53] C:\DOCUME~1\Papa\APPLIC~1\Google
    [10/02/2004|15:56] C:\DOCUME~1\Papa\APPLIC~1\Help
    [09/02/2004|23:49] C:\DOCUME~1\Papa\APPLIC~1\Identities
    [10/02/2004|14:05] C:\DOCUME~1\Papa\APPLIC~1\InterVideo
    [10/02/2004|15:31] C:\DOCUME~1\Papa\APPLIC~1\Macromedia
    [11/05/2008|09:54] C:\DOCUME~1\Papa\APPLIC~1\Microsoft
    [06/05/2006|23:04] C:\DOCUME~1\Papa\APPLIC~1\Mozilla
    [15/03/2004|19:48] C:\DOCUME~1\Papa\APPLIC~1\Real
    [12/05/2008|10:25] C:\DOCUME~1\Papa\APPLIC~1\Sun

    [23/08/2004|01:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [30/12/2007 19:24][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
    [30/12/2007 19:24][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job
    [13/06/2008 23:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [15/06/2008 15:00][--ah-----] C:\WINDOWS\tasks\A3AF3D459180B24D.job
    [15/06/2008 15:00][--ah-----] C:\WINDOWS\tasks\A413B70C91842BCC.job
    [15/06/2008 14:53][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [15/06/2008 15:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A3AF3D459180B24D.job <--> c:\progra~1\procda~1\Axisantiaxis.exe
    A413B70C91842BCC.job <--> c:\progra~1\procda~1\Axisantiaxis.exe

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [20/04/2005|21:26] C:\Program Files\Adobe
    [10/02/2004|13:42] C:\Program Files\Ahead
    [01/11/2005|17:42] C:\Program Files\Alwil Software
    [18/02/2008|17:24] C:\Program Files\AMSN
    [13/09/2007|16:30] C:\Program Files\Ankama Games
    [05/11/2007|11:00] C:\Program Files\Apple Software Update
    [23/05/2008|16:51] C:\Program Files\AviSynth 2.5
    [28/09/2007|17:16] C:\Program Files\Axialis
    [13/01/2008|19:49] C:\Program Files\Azureus
    [11/01/2005|18:08] C:\Program Files\Belkin Corporation
    [17/07/2006|19:35] C:\Program Files\BELKIN USB Wireless Monitor
    [10/02/2004|13:25] C:\Program Files\CA
    [05/04/2008|15:18] C:\Program Files\CamStudio
    [21/10/2005|21:16] C:\Program Files\Cesk
    [10/02/2004|13:15] C:\Program Files\C-Media 3D Audio
    [07/01/2005|20:17] C:\Program Files\Common Files
    [09/02/2004|23:47] C:\Program Files\ComPlus Applications
    [19/12/2004|23:42] C:\Program Files\Conjugaison
    [10/05/2004|10:33] C:\Program Files\Core Design
    [07/07/2006|14:16] C:\Program Files\CursorXP
    [17/07/2006|19:35] C:\Program Files\directx
    [30/01/2005|17:16] C:\Program Files\DivX
    [14/06/2008|15:38] C:\Program Files\Dofus
    [19/01/2008|19:07] C:\Program Files\Dofus-Arena beta 2
    [16/03/2008|21:19] C:\Program Files\DofusCalc
    [14/05/2005|16:23] C:\Program Files\EA GAMES
    [21/05/2008|13:06] C:\Program Files\eChanblard
    [26/08/2004|19:01] C:\Program Files\Eidos Interactive
    [14/06/2008|15:39] C:\Program Files\eMule
    [10/10/2004|19:15] C:\Program Files\Enigma Software Group
    [23/05/2008|16:50] C:\Program Files\eRightSoft
    [12/12/2004|21:15] C:\Program Files\FarStone
    [15/06/2008|14:43] C:\Program Files\Fichiers communs
    [27/10/2006|09:20] C:\Program Files\FlashGet
    [03/01/2008|01:46] C:\Program Files\Frets on Fire
    [15/02/2007|19:27] C:\Program Files\Google
    [15/06/2008|10:16] C:\Program Files\Hewlett-Packard
    [10/02/2004|15:20] C:\Program Files\HighMAT CD Writing Wizard
    [14/06/2008|15:34] C:\Program Files\InstallShield Installation Information
    [16/11/2006|23:23] C:\Program Files\InterActual
    [15/06/2008|14:43] C:\Program Files\Internet Explorer
    [29/01/2005|17:16] C:\Program Files\InterVideo
    [14/12/2007|18:24] C:\Program Files\iPod
    [18/08/2004|21:04] C:\Program Files\IrfanView
    [14/12/2007|18:24] C:\Program Files\iTunes
    [05/11/2004|21:01] C:\Program Files\Jasc Software Inc
    [07/03/2008|13:08] C:\Program Files\Java
    [24/12/2004|10:50] C:\Program Files\Java Web Start
    [30/09/2004|19:52] C:\Program Files\Labtec
    [08/04/2008|11:48] C:\Program Files\Lavalys
    [04/11/2005|18:50] C:\Program Files\Lavasoft
    [21/05/2008|13:19] C:\Program Files\LimeWire
    [20/12/2004|13:08] C:\Program Files\Maxis
    [11/02/2005|11:40] C:\Program Files\Messenger
    [05/04/2008|13:10] C:\Program Files\Messenger Plus! Live
    [29/01/2005|16:14] C:\Program Files\MGI
    [09/06/2007|10:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [18/11/2004|16:23] C:\Program Files\microsoft frontpage
    [30/12/2007|19:21] C:\Program Files\Microsoft LifeCam
    [18/11/2004|16:36] C:\Program Files\Microsoft Office
    [27/11/2007|19:43] C:\Program Files\Microsoft SQL Server Compact Edition
    [09/05/2004|16:35] C:\Program Files\Microsoft Visual Studio
    [27/10/2006|10:04] C:\Program Files\Microsoft Works
    [09/05/2004|16:34] C:\Program Files\Microsoft.NET
    [29/10/2004|18:19] C:\Program Files\Mindscape
    [01/09/2005|17:51] C:\Program Files\MobilZone
    [01/11/2005|18:46] C:\Program Files\monAlbumPhoto
    [24/12/2004|10:50] C:\Program Files\Movie Maker
    [15/06/2008|13:14] C:\Program Files\Mozilla Firefox
    [22/08/2004|22:09] C:\Program Files\MSN
    [09/02/2004|23:47] C:\Program Files\MSN Gaming Zone
    [01/12/2007|12:01] C:\Program Files\MSN Messenger
    [22/11/2006|00:37] C:\Program Files\MSXML 4.0
    [22/04/2006|16:41] C:\Program Files\NETGEAR
    [11/11/2004|21:17] C:\Program Files\NetMeeting
    [20/08/2005|00:04] C:\Program Files\Norton AntiVirus
    [15/03/2004|18:45] C:\Program Files\Nullsoft
    [28/01/2005|17:52] C:\Program Files\Oberon Media
    [09/05/2004|16:46] C:\Program Files\OfficeUpdate11
    [26/01/2008|18:25] C:\Program Files\OpenOffice.org 2.3
    [04/06/2007|21:59] C:\Program Files\Orange
    [14/06/2007|20:46] C:\Program Files\Outlook Express
    [20/12/2006|15:16] C:\Program Files\PhotoFiltre
    [08/09/2004|15:20] C:\Program Files\Plus!
    [14/12/2007|18:23] C:\Program Files\QuickTime
    [18/08/2004|20:24] C:\Program Files\QuickZip
    [15/03/2004|18:45] C:\Program Files\Real
    [12/01/2008|16:13] C:\Program Files\Red Kawa
    [04/09/2006|11:51] C:\Program Files\SAGEM
    [16/07/2004|11:37] C:\Program Files\SBone Bone
    [01/09/2006|15:35] C:\Program Files\Securitoo
    [09/02/2004|23:48] C:\Program Files\Services en ligne
    [02/05/2004|10:58] C:\Program Files\Sierra On-Line
    [20/11/2004|13:34] C:\Program Files\SigmaTel
    [27/03/2006|23:53] C:\Program Files\SimPE
    [26/01/2008|14:58] C:\Program Files\Slitherine
    [04/11/2005|19:12] C:\Program Files\Support Software
    [20/08/2005|00:05] C:\Program Files\Symantec
    [29/06/2005|16:15] C:\Program Files\TGTSoft
    [15/06/2008|13:23] C:\Program Files\Trend Micro
    [04/08/2006|17:55] C:\Program Files\Ubi Soft
    [26/12/2004|20:06] C:\Program Files\Ulead Systems
    [24/10/2004|16:46] C:\Program Files\Uninstall Information
    [15/03/2004|19:08] C:\Program Files\USB Wireless Keyboard Driver
    [02/06/2006|11:14] C:\Program Files\VideoLAN
    [15/03/2004|18:45] C:\Program Files\Viewpoint
    [24/05/2006|21:56] C:\Program Files\Virtools Web Player 3.5
    [04/06/2008|20:29] C:\Program Files\Warcraft III
    [10/02/2004|13:39] C:\Program Files\Windows Journal Viewer
    [15/06/2008|10:29] C:\Program Files\Windows Live
    [15/06/2008|10:27] C:\Program Files\Windows Live Toolbar
    [10/12/2006|15:01] C:\Program Files\Windows Media Connect 2
    [10/12/2006|20:41] C:\Program Files\Windows Media Player
    [25/10/2004|09:25] C:\Program Files\Windows NT
    [16/08/2004|10:29] C:\Program Files\WindowsUpdate
    [28/03/2005|13:11] C:\Program Files\WinTV
    [10/02/2004|14:01] C:\Program Files\X10 Hardware
    [09/02/2004|23:49] C:\Program Files\xerox
    [16/04/2006|20:32] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/04/2005|21:26] C:\Program Files\Fichiers communs\Adobe
    [10/02/2004|13:42] C:\Program Files\Fichiers communs\Ahead
    [15/03/2004|18:45] C:\Program Files\Fichiers communs\aolshare
    [09/05/2004|16:35] C:\Program Files\Fichiers communs\DESIGNER
    [02/09/2004|18:11] C:\Program Files\Fichiers communs\Hewlett-Packard
    [29/03/2006|12:50] C:\Program Files\Fichiers communs\InstallShield
    [10/02/2004|14:00] C:\Program Files\Fichiers communs\InterVideo
    [26/01/2008|18:24] C:\Program Files\Fichiers communs\Java
    [30/09/2004|19:54] C:\Program Files\Fichiers communs\Logitech
    [17/07/2006|19:46] C:\Program Files\Fichiers communs\MGI Shared
    [08/04/2008|10:50] C:\Program Files\Fichiers communs\Microsoft Shared
    [09/02/2004|23:47] C:\Program Files\Fichiers communs\MSSoap
    [09/02/2004|23:45] C:\Program Files\Fichiers communs\ODBC
    [01/06/2006|19:34] C:\Program Files\Fichiers communs\Real
    [09/02/2004|23:47] C:\Program Files\Fichiers communs\Services
    [09/02/2004|23:45] C:\Program Files\Fichiers communs\SpeechEngines
    [20/08/2005|11:15] C:\Program Files\Fichiers communs\Symantec Shared
    [14/06/2007|20:46] C:\Program Files\Fichiers communs\System
    [27/10/2007|16:18] C:\Program Files\Fichiers communs\Teleca Shared
    [27/11/2007|19:41] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [01/06/2006|19:34] C:\Program Files\Fichiers communs\xing shared

    ---------------------------[ Process ]--------------------------

    ... 53

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\WINDOWS\Tasks\A3AF3D459180B24D.job
    C:\WINDOWS\Tasks\A413B70C91842BCC.job

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-15 15:47:42
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:2][D:4]-> C:\DOCUME~1\Papa\LOCALS~1\Temp
    [F:10][D:0]-> C:\DOCUME~1\Papa\Cookies
    [F:2][D:0]-> C:\DOCUME~1\Papa\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 15:48:26,32 ]----------------------
    15 Juin 2008 16:35:22

    Hi again,

    Select the whole box below, then right-click and choose Copy

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\32 Global File Mode
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\mixtestlogomanager
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\polleachruleprogram
    C:\DOCUME~1\INVIT~1\APPLIC~1\PROC DATE CAST


    Run Lop S&D again

  • This time choose Option 4 (LopScript)
  • A blank page will open; right-click in it and choose Paste
  • Close the page; you will be asked to save it, click [Save]
  • Do not close the window during the deletion!
  • Post the generated report (C:\lopR.txt)
    15 Juin 2008 16:52:15


    -----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Papa ] [ "C:\Lop SD" ] [ Selection : 4 ]
    [ 15/06/2008 | 16:47:35,89 ] [ PC : ELODIE ]
    [ MAJ : 13-06-2008 | 02:10 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ LopScript //////////////////////////////////

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\32 Global File Mode
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\mixtestlogomanager
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\polleachruleprogram
    C:\DOCUME~1\INVIT~1\APPLIC~1\PROC DATE CAST


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\WINDOWS\Tasks\A3AF3D459180B24D.job
    Supprimé! - C:\WINDOWS\Tasks\A413B70C91842BCC.job

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprimé! - C:\Program Files\Viewpoint
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [04/09/2004|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\32 Global File Mode
    [18/08/2004|20:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/11/2007|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [05/11/2007|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [09/02/2004|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [25/10/2006|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [14/10/2006|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
    [28/04/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [12/10/2005|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/01/2006|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [05/03/2007|03:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mixtestlogomanager
    [28/04/2004|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [17/07/2006|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [07/01/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
    [25/10/2004|09:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\polleachruleprogram
    [29/10/2006|00:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [17/08/2004|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [09/02/2004|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [20/08/2005|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [09/09/2006|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [26/10/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [06/01/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [29/04/2005|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs

    [10/02/2004|15:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [10/02/2004|15:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
    [10/02/2004|15:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
    [09/02/2004|23:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [10/02/2004|15:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
    [09/02/2004|23:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [10/02/2004|14:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterVideo
    [10/02/2004|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [15/03/2004|19:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [15/03/2004|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

    [10/02/2004|15:55] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [10/02/2004|15:55] C:\DOCUME~1\INVIT~1\APPLIC~1\AdobeUM
    [10/02/2004|15:45] C:\DOCUME~1\INVIT~1\APPLIC~1\Ahead
    [09/02/2004|23:45] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
    [10/02/2004|15:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
    [09/02/2004|23:49] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [10/02/2004|14:05] C:\DOCUME~1\INVIT~1\APPLIC~1\InterVideo
    [11/12/2005|12:53] C:\DOCUME~1\INVIT~1\APPLIC~1\Lavasoft
    [10/02/2004|15:31] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [11/12/2005|17:32] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [14/11/2004|23:29] C:\DOCUME~1\INVIT~1\APPLIC~1\MSN6
    [10/10/2004|22:10] C:\DOCUME~1\INVIT~1\APPLIC~1\PROC DATE CAST
    [15/03/2004|19:48] C:\DOCUME~1\INVIT~1\APPLIC~1\Real


    [24/05/2004|22:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
    [21/08/2004|14:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [15/06/2004|23:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander


    [09/02/2004|23:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [18/02/2008|12:04] C:\DOCUME~1\Papa\APPLIC~1\Adobe
    [10/02/2004|15:55] C:\DOCUME~1\Papa\APPLIC~1\AdobeUM
    [10/02/2004|15:45] C:\DOCUME~1\Papa\APPLIC~1\Ahead
    [09/02/2004|23:45] C:\DOCUME~1\Papa\APPLIC~1\desktop.ini
    [05/06/2008|19:01] C:\DOCUME~1\Papa\APPLIC~1\FarStone
    [08/10/2007|16:53] C:\DOCUME~1\Papa\APPLIC~1\Google
    [10/02/2004|15:56] C:\DOCUME~1\Papa\APPLIC~1\Help
    [09/02/2004|23:49] C:\DOCUME~1\Papa\APPLIC~1\Identities
    [10/02/2004|14:05] C:\DOCUME~1\Papa\APPLIC~1\InterVideo
    [10/02/2004|15:31] C:\DOCUME~1\Papa\APPLIC~1\Macromedia
    [11/05/2008|09:54] C:\DOCUME~1\Papa\APPLIC~1\Microsoft
    [06/05/2006|23:04] C:\DOCUME~1\Papa\APPLIC~1\Mozilla
    [15/03/2004|19:48] C:\DOCUME~1\Papa\APPLIC~1\Real
    [12/05/2008|10:25] C:\DOCUME~1\Papa\APPLIC~1\Sun

    [23/08/2004|01:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [30/12/2007 19:24][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
    [30/12/2007 19:24][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job
    [13/06/2008 23:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [15/06/2008 14:53][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [15/06/2008 16:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [20/04/2005|21:26] C:\Program Files\Adobe
    [10/02/2004|13:42] C:\Program Files\Ahead
    [01/11/2005|17:42] C:\Program Files\Alwil Software
    [18/02/2008|17:24] C:\Program Files\AMSN
    [13/09/2007|16:30] C:\Program Files\Ankama Games
    [05/11/2007|11:00] C:\Program Files\Apple Software Update
    [23/05/2008|16:51] C:\Program Files\AviSynth 2.5
    [28/09/2007|17:16] C:\Program Files\Axialis
    [13/01/2008|19:49] C:\Program Files\Azureus
    [11/01/2005|18:08] C:\Program Files\Belkin Corporation
    [17/07/2006|19:35] C:\Program Files\BELKIN USB Wireless Monitor
    [10/02/2004|13:25] C:\Program Files\CA
    [05/04/2008|15:18] C:\Program Files\CamStudio
    [21/10/2005|21:16] C:\Program Files\Cesk
    [10/02/2004|13:15] C:\Program Files\C-Media 3D Audio
    [07/01/2005|20:17] C:\Program Files\Common Files
    [09/02/2004|23:47] C:\Program Files\ComPlus Applications
    [19/12/2004|23:42] C:\Program Files\Conjugaison
    [10/05/2004|10:33] C:\Program Files\Core Design
    [07/07/2006|14:16] C:\Program Files\CursorXP
    [17/07/2006|19:35] C:\Program Files\directx
    [30/01/2005|17:16] C:\Program Files\DivX
    [14/06/2008|15:38] C:\Program Files\Dofus
    [19/01/2008|19:07] C:\Program Files\Dofus-Arena beta 2
    [16/03/2008|21:19] C:\Program Files\DofusCalc
    [14/05/2005|16:23] C:\Program Files\EA GAMES
    [21/05/2008|13:06] C:\Program Files\eChanblard
    [26/08/2004|19:01] C:\Program Files\Eidos Interactive
    [14/06/2008|15:39] C:\Program Files\eMule
    [10/10/2004|19:15] C:\Program Files\Enigma Software Group
    [23/05/2008|16:50] C:\Program Files\eRightSoft
    [12/12/2004|21:15] C:\Program Files\FarStone
    [15/06/2008|14:43] C:\Program Files\Fichiers communs
    [27/10/2006|09:20] C:\Program Files\FlashGet
    [03/01/2008|01:46] C:\Program Files\Frets on Fire
    [15/02/2007|19:27] C:\Program Files\Google
    [15/06/2008|10:16] C:\Program Files\Hewlett-Packard
    [10/02/2004|15:20] C:\Program Files\HighMAT CD Writing Wizard
    [14/06/2008|15:34] C:\Program Files\InstallShield Installation Information
    [16/11/2006|23:23] C:\Program Files\InterActual
    [15/06/2008|14:43] C:\Program Files\Internet Explorer
    [29/01/2005|17:16] C:\Program Files\InterVideo
    [14/12/2007|18:24] C:\Program Files\iPod
    [18/08/2004|21:04] C:\Program Files\IrfanView
    [14/12/2007|18:24] C:\Program Files\iTunes
    [05/11/2004|21:01] C:\Program Files\Jasc Software Inc
    [07/03/2008|13:08] C:\Program Files\Java
    [24/12/2004|10:50] C:\Program Files\Java Web Start
    [30/09/2004|19:52] C:\Program Files\Labtec
    [08/04/2008|11:48] C:\Program Files\Lavalys
    [04/11/2005|18:50] C:\Program Files\Lavasoft
    [21/05/2008|13:19] C:\Program Files\LimeWire
    [20/12/2004|13:08] C:\Program Files\Maxis
    [11/02/2005|11:40] C:\Program Files\Messenger
    [05/04/2008|13:10] C:\Program Files\Messenger Plus! Live
    [29/01/2005|16:14] C:\Program Files\MGI
    [09/06/2007|10:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [18/11/2004|16:23] C:\Program Files\microsoft frontpage
    [30/12/2007|19:21] C:\Program Files\Microsoft LifeCam
    [18/11/2004|16:36] C:\Program Files\Microsoft Office
    [27/11/2007|19:43] C:\Program Files\Microsoft SQL Server Compact Edition
    [09/05/2004|16:35] C:\Program Files\Microsoft Visual Studio
    [27/10/2006|10:04] C:\Program Files\Microsoft Works
    [09/05/2004|16:34] C:\Program Files\Microsoft.NET
    [29/10/2004|18:19] C:\Program Files\Mindscape
    [01/09/2005|17:51] C:\Program Files\MobilZone
    [01/11/2005|18:46] C:\Program Files\monAlbumPhoto
    [24/12/2004|10:50] C:\Program Files\Movie Maker
    [15/06/2008|15:51] C:\Program Files\Mozilla Firefox
    [22/08/2004|22:09] C:\Program Files\MSN
    [09/02/2004|23:47] C:\Program Files\MSN Gaming Zone
    [01/12/2007|12:01] C:\Program Files\MSN Messenger
    [22/11/2006|00:37] C:\Program Files\MSXML 4.0
    [22/04/2006|16:41] C:\Program Files\NETGEAR
    [11/11/2004|21:17] C:\Program Files\NetMeeting
    [20/08/2005|00:04] C:\Program Files\Norton AntiVirus
    [15/03/2004|18:45] C:\Program Files\Nullsoft
    [28/01/2005|17:52] C:\Program Files\Oberon Media
    [09/05/2004|16:46] C:\Program Files\OfficeUpdate11
    [26/01/2008|18:25] C:\Program Files\OpenOffice.org 2.3
    [04/06/2007|21:59] C:\Program Files\Orange
    [14/06/2007|20:46] C:\Program Files\Outlook Express
    [20/12/2006|15:16] C:\Program Files\PhotoFiltre
    [08/09/2004|15:20] C:\Program Files\Plus!
    [14/12/2007|18:23] C:\Program Files\QuickTime
    [18/08/2004|20:24] C:\Program Files\QuickZip
    [15/03/2004|18:45] C:\Program Files\Real
    [12/01/2008|16:13] C:\Program Files\Red Kawa
    [04/09/2006|11:51] C:\Program Files\SAGEM
    [16/07/2004|11:37] C:\Program Files\SBone Bone
    [01/09/2006|15:35] C:\Program Files\Securitoo
    [09/02/2004|23:48] C:\Program Files\Services en ligne
    [02/05/2004|10:58] C:\Program Files\Sierra On-Line
    [20/11/2004|13:34] C:\Program Files\SigmaTel
    [27/03/2006|23:53] C:\Program Files\SimPE
    [26/01/2008|14:58] C:\Program Files\Slitherine
    [04/11/2005|19:12] C:\Program Files\Support Software
    [20/08/2005|00:05] C:\Program Files\Symantec
    [29/06/2005|16:15] C:\Program Files\TGTSoft
    [15/06/2008|13:23] C:\Program Files\Trend Micro
    [04/08/2006|17:55] C:\Program Files\Ubi Soft
    [26/12/2004|20:06] C:\Program Files\Ulead Systems
    [24/10/2004|16:46] C:\Program Files\Uninstall Information
    [15/03/2004|19:08] C:\Program Files\USB Wireless Keyboard Driver
    [02/06/2006|11:14] C:\Program Files\VideoLAN
    [24/05/2006|21:56] C:\Program Files\Virtools Web Player 3.5
    [04/06/2008|20:29] C:\Program Files\Warcraft III
    [10/02/2004|13:39] C:\Program Files\Windows Journal Viewer
    [15/06/2008|10:29] C:\Program Files\Windows Live
    [15/06/2008|10:27] C:\Program Files\Windows Live Toolbar
    [10/12/2006|15:01] C:\Program Files\Windows Media Connect 2
    [10/12/2006|20:41] C:\Program Files\Windows Media Player
    [25/10/2004|09:25] C:\Program Files\Windows NT
    [16/08/2004|10:29] C:\Program Files\WindowsUpdate
    [28/03/2005|13:11] C:\Program Files\WinTV
    [10/02/2004|14:01] C:\Program Files\X10 Hardware
    [09/02/2004|23:49] C:\Program Files\xerox
    [16/04/2006|20:32] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/04/2005|21:26] C:\Program Files\Fichiers communs\Adobe
    [10/02/2004|13:42] C:\Program Files\Fichiers communs\Ahead
    [15/03/2004|18:45] C:\Program Files\Fichiers communs\aolshare
    [09/05/2004|16:35] C:\Program Files\Fichiers communs\DESIGNER
    [02/09/2004|18:11] C:\Program Files\Fichiers communs\Hewlett-Packard
    [29/03/2006|12:50] C:\Program Files\Fichiers communs\InstallShield
    [10/02/2004|14:00] C:\Program Files\Fichiers communs\InterVideo
    [26/01/2008|18:24] C:\Program Files\Fichiers communs\Java
    [30/09/2004|19:54] C:\Program Files\Fichiers communs\Logitech
    [17/07/2006|19:46] C:\Program Files\Fichiers communs\MGI Shared
    [08/04/2008|10:50] C:\Program Files\Fichiers communs\Microsoft Shared
    [09/02/2004|23:47] C:\Program Files\Fichiers communs\MSSoap
    [09/02/2004|23:45] C:\Program Files\Fichiers communs\ODBC
    [01/06/2006|19:34] C:\Program Files\Fichiers communs\Real
    [09/02/2004|23:47] C:\Program Files\Fichiers communs\Services
    [09/02/2004|23:45] C:\Program Files\Fichiers communs\SpeechEngines
    [20/08/2005|11:15] C:\Program Files\Fichiers communs\Symantec Shared
    [14/06/2007|20:46] C:\Program Files\Fichiers communs\System
    [27/10/2007|16:18] C:\Program Files\Fichiers communs\Teleca Shared
    [27/11/2007|19:41] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [01/06/2006|19:34] C:\Program Files\Fichiers communs\xing shared

    ---------------------------[ Process ]--------------------------

    ... 53

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-15 16:49:19
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:2][D:4]-> C:\DOCUME~1\Papa\LOCALS~1\Temp
    [F:10][D:0]-> C:\DOCUME~1\Papa\Cookies
    [F:2][D:0]-> C:\DOCUME~1\Papa\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 16:50:03,53 ]----------------------
    15 June 2008 17:41:18

    Hi again,

    Run ComboFix again and post its report.
    15 June 2008 17:54:24

    Here are the OTMoveIt2 results:

    File/Folder <C:\DOCUME~1\ALLUSE~1\APPLIC~1\32 Global File Mode not found.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\mixtestlogomanager moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\polleachruleprogram moved successfully.
    C:\DOCUME~1\INVIT~1\APPLIC~1\PROC DATE CAST moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06152008_174824

    _____________________________
    EDIT:
    Sorry, I hadn't seen that you had edited your message; I'm running a scan right away and will post the report.

    EDIT 2: here it is

    ComboFix 08-06-12.2 - Papa 2008-06-15 17:55:30.2 - NTFSx86
    Endroit: C:\Documents and Settings\Papa\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-15 to 2008-06-15 ))))))))))))))))))))))))))))))))))))
    .

    2063-09-19 07:50 . 2063-09-19 07:50 5,501 --a------ C:\WINDOWS\system32\rtclmg32.dll
    2008-06-15 17:48 . 2008-06-15 17:48 <REP> d-------- C:\_OTMoveIt
    2008-06-15 15:45 . 2008-06-15 16:50 <REP> d-------- C:\Lop SD
    2008-06-15 14:54 . 2008-06-15 14:54 <REP> d-------- C:\Documents and Settings\Invité
    2008-06-15 14:54 . <REP> C:\Documents and Settings\Invité\Local Settings
    2008-06-15 14:54 . <REP> C:\Documents and Settings\Invité\Local Settings
    2008-06-15 13:23 . 2008-06-15 13:23 <REP> d-------- C:\Program Files\Trend Micro
    2008-06-15 12:07 . 2008-06-15 12:07 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
    2008-06-05 19:01 . 2008-06-05 19:01 <REP> d-------- C:\Documents and Settings\Papa\Application Data\FarStone
    2008-05-24 12:26 . 2008-05-24 12:31 29,977,495 --a------ C:\Bleach_92part2.flv.MP4
    2008-05-24 12:14 . 2008-05-24 12:15 10,202,341 --a------ C:\[AMV]Battle of Stars ; Kan'onji & Kon.flv.MP4
    2008-05-24 11:08 . 2008-05-24 11:11 18,577,969 --a------ C:\Bleach_87part1.flv.MP4
    2008-05-24 09:41 . 2008-05-24 09:44 29,319,224 --a------ C:\Bleach_92part1.flv.MP4
    2008-05-24 09:37 . 2008-05-24 09:41 24,967,672 --a------ C:\Bleach_91part2.flv.MP4
    2008-05-24 09:35 . 2008-05-24 09:37 17,854,235 --a------ C:\Bleach_91part1.flv.MP4
    2008-05-24 09:31 . 2008-05-24 09:31 23,018,923 --a------ C:\Bleach_90part1.flv.MP4.bak
    2008-05-24 09:24 . 2008-05-24 09:24 29,790,385 --a------ C:\Bleach_89part1.flv.MP4.bak
    2008-05-24 09:15 . 2008-05-24 09:18 17,502,585 --a------ C:\Bleach_87part2.MP4
    2008-05-23 22:33 . 2008-05-23 22:34 12,626,385 --a------ C:\Humor- SNL - What Is Love (Jim Carrey, Martin Short, Will Ferrell) (parody of Wayne's World car scene).mpg.MP4
    2008-05-23 22:05 . 2008-05-23 22:08 17,875,571 --a------ C:\2008-05-23_22-05-41.MP4
    2008-05-23 21:52 . 2008-05-23 21:56 19,654,820 --a------ C:\Bleach_82part1.flv.MP4
    2008-05-23 21:47 . 2008-05-23 21:52 19,673,228 --a------ C:\Bleach_82part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:28 29,115,930 --a------ C:\Bleach_89part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:35 23,018,923 --a------ C:\Bleach_90part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:31 23,018,923 --a------ C:\Bleach_90part1.flv.MP4
    2008-05-23 21:38 . 2008-05-24 09:24 29,790,385 --------- C:\Bleach_89part1.flv.MP4
    2008-05-23 21:38 . 2008-05-24 09:21 18,577,969 --a------ C:\Bleach_88.flv.MP4
    2008-05-23 21:34 . 2008-05-23 21:37 21,838,608 --a------ C:\Bleach_86Part2.flv.MP4
    2008-05-23 21:31 . 2008-05-23 21:34 19,242,802 --a------ C:\Bleach_86Part1.flv.MP4
    2008-05-23 21:29 . 2008-05-23 21:31 12,680,482 --a------ C:\Bleach_84-85PartC.flv.MP4
    2008-05-23 21:24 . 2008-05-23 21:29 27,777,389 --a------ C:\Bleach_84-85PartB.flv.MP4
    2008-05-23 21:19 . 2008-05-23 21:24 36,635,598 --a------ C:\Bleach_84-85PartA.flv.MP4
    2008-05-23 21:10 . 2008-05-23 21:14 12,144,201 --a------ C:\Bleach_83part2.flv.MP4
    2008-05-23 21:05 . 2008-05-23 21:10 23,208,051 --a------ C:\Bleach_83part1.flv.MP4
    2008-05-23 19:32 . 2008-05-23 19:34 17,875,571 --a------ C:\Bleach_81part2.flv.MP4
    2008-05-23 19:28 . 2008-05-23 19:32 19,191,213 --a------ C:\Bleach_81_Part1.flv.MP4
    2008-05-23 16:56 . 2008-05-23 17:05 99,948,712 --a------ C:\Bleach_80.flv.MP4
    2008-05-23 16:51 . 2008-05-23 16:51 <REP> d-------- C:\Program Files\AviSynth 2.5
    2008-05-23 16:51 . 2004-02-22 10:11 719,872 --a------ C:\WINDOWS\system32\devil.dll
    2008-05-23 16:51 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
    2008-05-23 16:51 . 2007-05-14 15:24 394,240 --a------ C:\WINDOWS\system32\Smab.dll
    2008-05-23 16:51 . 2007-05-17 17:30 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
    2008-05-23 16:51 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
    2008-05-23 16:51 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
    2008-05-23 16:51 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
    2008-05-23 16:51 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
    2008-05-23 16:51 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
    2008-05-23 16:51 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
    2008-05-23 16:50 . 2008-05-23 16:50 <REP> d-------- C:\Program Files\eRightSoft
    2008-05-21 13:19 . 2008-05-21 13:19 <REP> d-------- C:\Program Files\LimeWire

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-15 08:29 --------- d-----w C:\Program Files\Windows Live
    2008-06-15 08:27 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-06-15 08:16 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-06-14 13:39 --------- d-----w C:\Program Files\eMule
    2008-06-14 13:38 --------- d-----w C:\Program Files\Dofus
    2008-06-14 13:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-04 18:29 --------- d-----w C:\Program Files\Warcraft III
    2008-05-21 11:06 --------- d-----w C:\Program Files\eChanblard
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2005-04-20 19:28 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
    2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
    2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-06-15_14.53.34.10 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-15 12:47:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-15 16:03:07 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-15 16:03:12 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_700.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C6DCFAA-53FF-AC04-6A41-A845AD498CD6}]
    C:\PROGRA~1\SITEGR~1\ThirdFour.exe

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A425451-241C-74E5-33AA-E58F1EBDD92D}]
    C:\PROGRA~1\SITEGR~1\ThirdFour.exe

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-25 21:40 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Dit"="Dit.exe" [2002-08-28 14:43 73728 C:\WINDOWS\Dit.exe]
    "Cmaudio"="cmicnfg.cpl" [2003-12-11 16:44 2453504 C:\WINDOWS\CMICNFG.CPL]
    "Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2003-03-21 23:33 487696]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 13:50 155648]
    "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2003-11-10 17:06 406016]
    "FastTVSync"="C:\Program Files\Fichiers communs\InterVideo\FastTVSync\FastTVSync.exe" [2004-02-02 23:31 245760]
    "Home Theater SchSvr"="C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe" [2004-02-07 06:13 155648]
    "WINCINEMAMGR"="C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe" [2004-02-08 00:43 200704]
    "CHotkey"="mHotkey.exe" [2004-02-05 14:45 510464 C:\WINDOWS\mHotkey.exe]
    "ledpointer"="CNYHKey.exe" [2004-02-03 18:15 5794816 C:\WINDOWS\CNYHKey.exe]
    "filemodedownloadping"="C:\Documents and Settings\All Users\Application Data\32 Global File Mode\inside meow.exe" [ ]
    "AccessMedia P2P Loader"="C:\Program Files\p2pnetworks\amp2pl.exe" [ ]
    "RuleProgramKindBall"="C:\Documents and Settings\All Users\Application Data\polleachruleprogram\Soft Grid.exe" [ ]
    "LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 10:45 135214]
    "MyAccessMedia"="C:\DOCUME~1\Emilie\LOCALS~1\Temp\tmp401E.exe" [ ]
    "mediamotor.exe"="C:\WINDOWS\mmups.exe" [ ]
    "Bzydy"="C:\Program Files\Cesk\Fgkcbke.exe" [ ]
    "VirtualDrive"="C:\Program Files\FarStone\VirtualDrive\VDTask.exe" [2003-09-26 10:34 98304]
    "serpe"="C:\WINDOWS\system32\formatsys.exe" [ ]
    "Nsv"="C:\WINDOWS\system32\nsvsvc\nsvsvc.exe" [ ]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-11-17 11:33 3022848]
    "nwiz"="nwiz.exe" [2003-11-17 11:33 753664 C:\WINDOWS\system32\nwiz.exe]
    "n93js8tu"="C:\WINDOWS\system32\n93js8tu.exe" [ ]
    "inmmeo"="C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\app18.tmp" [ ]
    "Nfo"="C:\WINDOWS\system32\nfomon\nfomon.exe" [ ]
    "Getca"="C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe" [2004-03-10 21:57 45056]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 11:56 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]
    "LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-01-13 03:48 275800]
    "VX1000"="C:\WINDOWS\vVX1000.exe" [2006-12-06 01:38 707360]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "serpe"="C:\WINDOWS\system32\formatsys.exe" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2004-08-24 12:22 263280]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "serpe"= C:\WINDOWS\system32\formatsys.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.I420"= i420vfw.dll
    "vidc.dvsd"= dvc.dll
    "vidc.yv12"= yv12vfw.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli scecli

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\MSN\\MSNCoreFiles\\msn6.exe"=
    "C:\\Program Files\\directx\\dplaysvr.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
    "C:\\WINDOWS\\system32\\rtcshare.exe"=
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\FarStone\\VirtualDrive\\MGR.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\NetMeeting\\conf.exe"=
    "C:\\Program Files\\AMSN\\bin\\wish.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\Dofus-Arena beta 2\\DofusArena.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\eChanblard\\emule.exe"=
    "C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
    "C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
    "C:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
    "C:\\Program Files\\Warcraft III\\war3.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "6112:TCP"= 6112:TCP:Type 'WarCraft III Battle.net'

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    R2 Belkin 54Mbps Wireless USB;Belkin 54Mbps Wireless USB Network Service;C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe [2003-06-09 12:24]
    R2 LogWatch;Event Log Watch;C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 16:29]
    R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [2007-01-05 00:13]
    R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 10:04]
    R3 FVDSCSI;FVDSCSI;C:\WINDOWS\system32\DRIVERS\fvdscsi.sys [2003-08-09 10:05]
    R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
    S3 A4501A;802.11g Wireless USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\A4501A.sys [2005-06-20 07:38]
    S3 BEL6051(Belkin);Belkin 11Mbps Wireless USB Network Adapter Driver(Belkin);C:\WINDOWS\system32\DRIVERS\BEL6051.SYS []
    S3 CA_LIC_CLNT;Client de licence CA;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 16:27]
    S3 CA_LIC_SRVR;Serveur de licence CA;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 16:41]
    S3 camvid20;Philips ToUcam Camera; Video;C:\WINDOWS\system32\DRIVERS\camdrv21.sys []
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 12:35]
    S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
    S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 19:11]
    S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 19:11]
    S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 19:13]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 19:15]
    S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 10:47]
    S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 10:38]
    S3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 17:13]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
    S3 VX1000;VX-1000;C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 01:39]
    S3 ZDNDIS5;ZDNDIS5 Protocol Driver;C:\WINDOWS\system32\ZDNDIS5.SYS []

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-13 21:16:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-30 17:24:44 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job"
    - C:\Program Files\Microsoft LifeCam\LifeExp.exe
    "2007-12-30 17:24:44 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job"
    - C:\WINDOWS\vVX1000.exe
    "2008-06-15 12:53:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-15 18:04:12
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\scardsvr.exe
    C:\WINDOWS\system32\netdde.exe
    C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\DitExp.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-15 18:09:24 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-06-15 16:09:19
    ComboFix2.txt 2008-06-15 12:53:59

    Pre-Run: 51,270,713,344 octets libres
    Post-Run: 51,255,734,272 octets libres

    238 --- E O F --- 2008-06-11 21:26:45
    15 June 2008 20:14:11

    Hi again,

    - My Computer/Tools/Folder Options/View/Show hidden files and folders/Apply - - > OK
    - My Computer/Tools/Folder Options/View/uncheck Hide protected operating system files/Apply - - > OK

    Re-enable these options afterwards!

    Have this file (or these files) scanned on this site >> Virustotal <<

  • Click Browse at the top, choose My Computer and look for this file: C:\WINDOWS\system32\rtclmg32.dll
  • Now click Send file.
  • Post the report (from "Fichier *** reçu le ***" up to "SHA1 : ***")
    15 June 2008 20:43:17

    Here is the result:

    Fichier rtclmg32.dll reçu le 2008.06.15 20:29:32 (CET)
    Situation actuelle: terminé
    Résultat: 0/32 (0%)

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 : 2008.6.13.1 2008.06.15 -
    AntiVir : 7.8.0.55 2008.06.14 -
    Authentium : 5.1.0.4 2008.06.15 -
    Avast : 4.8.1195.0 2008.06.15 -
    AVG : 7.5.0.516 2008.06.14 -
    BitDefender : 7.2 2008.06.15 -
    CAT-QuickHeal : 9.50 2008.06.14 -
    ClamAV : 0.92.1 2008.06.15 -
    DrWeb : 4.44.0.09170 2008.06.15 -
    eSafe : 7.0.15.0 2008.06.15 -
    eTrust-Vet : 31.6.5873 2008.06.14 -
    Ewido : 4.0 2008.06.15 -
    F-Prot : 4.4.4.56 2008.06.12 -
    F-Secure : 6.70.13260.0 2008.06.15 -
    Fortinet : 3.14.0.0 2008.06.15 -
    GData : 2.0.7306.1023 2008.06.15 -
    Ikarus : T3.1.1.26.0 2008.06.15 -
    Kaspersky : 7.0.0.125 2008.06.15 -
    McAfee : 5317 2008.06.13 -
    Microsoft : 1.3604 2008.06.15 -
    NOD32v2 : 3187 2008.06.15 -
    Norman : 5.80.02 2008.06.13 -
    Panda : 9.0.0.4 2008.06.15 -
    Prevx1 : V2 2008.06.15 -
    Rising : 20.48.62.00 2008.06.15 -
    Sophos : 4.30.0 2008.06.15 -
    Sunbelt : 3.0.1153.1 2008.06.15 -
    Symantec : 10 2008.06.15 -
    TheHacker : 6.2.92.350 2008.06.14 -
    VBA32 : 3.12.6.7 2008.06.14 -
    VirusBuster : 4.3.26:9 2008.06.12 -
    Webwasher-Gateway : 6.6.2 2008.06.15 -

    Information additionnelle
    File size: 5501 bytes
    MD5...: 1210b67d246da49e8ea22c1f8f14cbea
    SHA1..: 5ea0df0e901e6710a1382c66c99837efc2de49e1
    16 June 2008 21:25:51

    Just so I'm not forgotten ^^
    Don't hesitate to tell me if you're stuck, I won't hold it against you! :lol:
    17 June 2008 10:25:20

    Hi again,

    Sorry for the delay.

    Can you zip this file and send it here: http://secubox.gateweb.org/mad.php
    => C:\WINDOWS\system32\rtclmg32.dll

    Question: Have you by any chance cracked a piece of software so as not to have to pay for updates anymore?

    ******************

    Download Flash Disinfector (by sUBs) to your Desktop.

  • Connect all external devices (hard drives, USB, ...)
  • Double-click Flash Disinfector and follow the prompts.

    ******************

    Select the entire contents of the box below:

    Collect::
    C:\WINDOWS\system32\rtclmg32.dll

    Driver::
    ZDNDIS5
    camvid20
    BEL6051

    Folder::
    C:\WINDOWS\system32\nfomon
    C:\WINDOWS\system32\nsvsvc
    C:\Program Files\p2pnetworks
    C:\PROGRA~1\SITEGR~1

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C6DCFAA-53FF-AC04-6A41-A845AD498CD6}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A425451-241C-74E5-33AA-E58F1EBDD92D}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Dit"=-
    "NeroFilterCheck"=-
    "FastTVSync"=-
    "Home Theater SchSvr"=-
    "WINCINEMAMGR"=-
    "filemodedownloadping"=-
    "AccessMedia P2P Loader"=-
    "RuleProgramKindBall"=-
    "LVCOMS"=-
    "MyAccessMedia"=-
    "mediamotor.exe"=-
    "Bzydy"=-
    "serpe"=-
    "Nsv"=-
    "n93js8tu"=-
    "inmmeo"=-
    "Nfo"=-
    "QuickTime Task"=-
    "iTunesHelper"=-
    "LifeCam"=-
    "VX1000"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "serpe"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "serpe"=-


    This will restart ComboFix. After the reboot, post the contents of the ComboFix.txt report.
    If there is no reboot, post the report anyway.

  • Copy/paste it into Notepad (Start\All Programs\Accessories\Notepad)
  • Save it to your desktop under the name CFScript.txt
  • Now drag the CFScript.txt file onto ComboFix.exe as shown below:

  • This will restart ComboFix. Post the contents of the ComboFix.txt report after the reboot, if there is one.
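Added example, not part of the original posts and not ComboFix's own logic: a small Python triage of the autostart section of a ComboFix report, run on lines excerpted from the report posted earlier in this thread. It assumes (the thread does not confirm this) that empty brackets `[ ]` mean ComboFix could not read the target's date and size; the function and flag names are hypothetical.

```python
import re
from collections import defaultdict

# Lines excerpted from the "Point de chargement Reg" section of the
# ComboFix report posted in this thread.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dit"="Dit.exe" [2002-08-28 14:43 73728 C:\WINDOWS\Dit.exe]
"filemodedownloadping"="C:\Documents and Settings\All Users\Application Data\32 Global File Mode\inside meow.exe" [ ]
"MyAccessMedia"="C:\DOCUME~1\Emilie\LOCALS~1\Temp\tmp401E.exe" [ ]
"serpe"="C:\WINDOWS\system32\formatsys.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 11:56 286720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"serpe"="C:\WINDOWS\system32\formatsys.exe" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"serpe"= C:\WINDOWS\system32\formatsys.exe
'''

KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')
# "name"="quoted target" [meta]   or   "name"= bare target
ENTRY_RE = re.compile(
    r'^"(?P<name>[^"]+)"=\s*'
    r'(?:"(?P<quoted>[^"]*)"|(?P<bare>[^\[]+?))'
    r'\s*(?:\[(?P<meta>[^\]]*)\])?\s*$'
)


def parse_autoruns(text):
    """Return one dict per autostart value: key, name, target, meta.

    meta is None when the section prints no bracketed file details at all.
    """
    entries, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m and key:
            target = m.group("quoted")
            if target is None:
                target = m.group("bare")
            entries.append({
                "key": key,
                "name": m.group("name"),
                "target": target.strip(),
                "meta": m.group("meta"),
            })
    return entries


def triage(entries):
    """Map value name -> sorted list of review flags (unflagged names omitted)."""
    keys_by_name = defaultdict(set)
    for e in entries:
        keys_by_name[e["name"].lower()].add(e["key"].lower())

    flags = defaultdict(set)
    for e in entries:
        name = e["name"]
        # Assumption: "[ ]" means no date/size could be read for the target.
        if e["meta"] is not None and not e["meta"].strip():
            flags[name].add("no-file-metadata")
        # Autostart pointing into a Temp directory deserves a manual look.
        if "\\temp\\" in e["target"].lower():
            flags[name].add("runs-from-temp")
        # Same value name registered under several autostart keys.
        if len(keys_by_name[name.lower()]) > 1:
            flags[name].add("multiple-autostart-keys")
    return {name: sorted(f) for name, f in flags.items()}


if __name__ == "__main__":
    for name, found in triage(parse_autoruns(SAMPLE_LOG)).items():
        print(f"{name}: {', '.join(found)}")
```

The flags only shortlist entries for a human to review; the script posted above also disables autostart values that none of these heuristics flag.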
    17 June 2008 13:27:32

    Hello,

    I tried to send the file to secubox, but after the upload I was asked to log in, and since registrations are closed ..
    So I don't know whether it worked.

    As for the software that may have been hacked, I have no idea. I'd say it's entirely possible, but since I don't keep an eye on this PC, I couldn't give a precise answer.

    ________________________________

    Flash Disinfector done.

    ________________________________

    Here is the ComboFix report:

    ComboFix 08-06-12.2 - Papa 2008-06-17 12:18:40.3 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.628 [GMT 2:00]
    Endroit: C:\Documents and Settings\Papa\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Papa\Bureau\CFScript.txt

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\rtclmg32.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_ZDNDIS5
    -------\Service_camvid20
    -------\Service_ZDNDIS5


    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-17 to 2008-06-17 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-15 17:48 . 2008-06-15 17:48 <REP> d-------- C:\_OTMoveIt
    2008-06-15 15:45 . 2008-06-15 16:50 <REP> d-------- C:\Lop SD
    2008-06-15 14:54 . 2008-06-15 14:54 <REP> d-------- C:\Documents and Settings\Invité
    2008-06-15 14:54 . <REP> C:\Documents and Settings\Invité\Local Settings
    2008-06-15 14:54 . <REP> C:\Documents and Settings\Invité\Local Settings
    2008-06-15 13:23 . 2008-06-15 13:23 <REP> d-------- C:\Program Files\Trend Micro
    2008-06-15 12:07 . 2008-06-15 12:07 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
    2008-06-05 19:01 . 2008-06-05 19:01 <REP> d-------- C:\Documents and Settings\Papa\Application Data\FarStone
    2008-05-24 12:26 . 2008-05-24 12:31 29,977,495 --a------ C:\Bleach_92part2.flv.MP4
    2008-05-24 12:14 . 2008-05-24 12:15 10,202,341 --a------ C:\[AMV]Battle of Stars ; Kan'onji & Kon.flv.MP4
    2008-05-24 11:08 . 2008-05-24 11:11 18,577,969 --a------ C:\Bleach_87part1.flv.MP4
    2008-05-24 09:41 . 2008-05-24 09:44 29,319,224 --a------ C:\Bleach_92part1.flv.MP4
    2008-05-24 09:37 . 2008-05-24 09:41 24,967,672 --a------ C:\Bleach_91part2.flv.MP4
    2008-05-24 09:35 . 2008-05-24 09:37 17,854,235 --a------ C:\Bleach_91part1.flv.MP4
    2008-05-24 09:31 . 2008-05-24 09:31 23,018,923 --a------ C:\Bleach_90part1.flv.MP4.bak
    2008-05-24 09:24 . 2008-05-24 09:24 29,790,385 --a------ C:\Bleach_89part1.flv.MP4.bak
    2008-05-24 09:15 . 2008-05-24 09:18 17,502,585 --a------ C:\Bleach_87part2.MP4
    2008-05-23 22:33 . 2008-05-23 22:34 12,626,385 --a------ C:\Humor- SNL - What Is Love (Jim Carrey, Martin Short, Will Ferrell) (parody of Wayne's World car scene).mpg.MP4
    2008-05-23 22:05 . 2008-05-23 22:08 17,875,571 --a------ C:\2008-05-23_22-05-41.MP4
    2008-05-23 21:52 . 2008-05-23 21:56 19,654,820 --a------ C:\Bleach_82part1.flv.MP4
    2008-05-23 21:47 . 2008-05-23 21:52 19,673,228 --a------ C:\Bleach_82part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:28 29,115,930 --a------ C:\Bleach_89part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:35 23,018,923 --a------ C:\Bleach_90part2.flv.MP4
    2008-05-23 21:39 . 2008-05-24 09:31 23,018,923 --a------ C:\Bleach_90part1.flv.MP4
    2008-05-23 21:38 . 2008-05-24 09:24 29,790,385 --------- C:\Bleach_89part1.flv.MP4
    2008-05-23 21:38 . 2008-05-24 09:21 18,577,969 --a------ C:\Bleach_88.flv.MP4
    2008-05-23 21:34 . 2008-05-23 21:37 21,838,608 --a------ C:\Bleach_86Part2.flv.MP4
    2008-05-23 21:31 . 2008-05-23 21:34 19,242,802 --a------ C:\Bleach_86Part1.flv.MP4
    2008-05-23 21:29 . 2008-05-23 21:31 12,680,482 --a------ C:\Bleach_84-85PartC.flv.MP4
    2008-05-23 21:24 . 2008-05-23 21:29 27,777,389 --a------ C:\Bleach_84-85PartB.flv.MP4
    2008-05-23 21:19 . 2008-05-23 21:24 36,635,598 --a------ C:\Bleach_84-85PartA.flv.MP4
    2008-05-23 21:10 . 2008-05-23 21:14 12,144,201 --a------ C:\Bleach_83part2.flv.MP4
    2008-05-23 21:05 . 2008-05-23 21:10 23,208,051 --a------ C:\Bleach_83part1.flv.MP4
    2008-05-23 19:32 . 2008-05-23 19:34 17,875,571 --a------ C:\Bleach_81part2.flv.MP4
    2008-05-23 19:28 . 2008-05-23 19:32 19,191,213 --a------ C:\Bleach_81_Part1.flv.MP4
    2008-05-23 16:56 . 2008-05-23 17:05 99,948,712 --a------ C:\Bleach_80.flv.MP4
    2008-05-23 16:51 . 2008-05-23 16:51 <REP> d-------- C:\Program Files\AviSynth 2.5
    2008-05-23 16:51 . 2004-02-22 10:11 719,872 --a------ C:\WINDOWS\system32\devil.dll
    2008-05-23 16:51 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
    2008-05-23 16:51 . 2007-05-14 15:24 394,240 --a------ C:\WINDOWS\system32\Smab.dll
    2008-05-23 16:51 . 2007-05-17 17:30 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
    2008-05-23 16:51 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
    2008-05-23 16:51 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
    2008-05-23 16:51 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
    2008-05-23 16:51 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
    2008-05-23 16:51 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
    2008-05-23 16:51 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
    2008-05-23 16:50 . 2008-05-23 16:50 <REP> d-------- C:\Program Files\eRightSoft
    2008-05-21 13:19 . 2008-05-21 13:19 <REP> d-------- C:\Program Files\LimeWire

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-15 08:29 --------- d-----w C:\Program Files\Windows Live
    2008-06-15 08:27 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-06-15 08:16 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-06-14 13:39 --------- d-----w C:\Program Files\eMule
    2008-06-14 13:38 --------- d-----w C:\Program Files\Dofus
    2008-06-14 13:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-04 18:29 --------- d-----w C:\Program Files\Warcraft III
    2008-05-21 11:06 --------- d-----w C:\Program Files\eChanblard
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2005-04-20 19:28 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
    2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
    2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-06-15_14.53.34.10 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-15 12:47:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-17 10:23:03 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    - 2007-11-28 11:48:59 29,926 -c--a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
    + 2008-06-16 17:18:28 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
    - 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    + 2008-01-17 16:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    + 2008-06-17 10:23:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6f0.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Cmaudio"="cmicnfg.cpl" [2003-12-11 16:44 2453504 C:\WINDOWS\CMICNFG.CPL]
    "Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2003-03-21 23:33 487696]
    "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2003-11-10 17:06 406016]
    "CHotkey"="mHotkey.exe" [2004-02-05 14:45 510464 C:\WINDOWS\mHotkey.exe]
    "ledpointer"="CNYHKey.exe" [2004-02-03 18:15 5794816 C:\WINDOWS\CNYHKey.exe]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-11-17 11:33 3022848]
    "Getca"="C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe" [2004-03-10 21:57 45056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
    "VirtualDrive"="C:\Program Files\FarStone\VirtualDrive\VDTask.exe" [2003-09-26 10:34 98304]
    "nwiz"="nwiz.exe" [2003-11-17 11:33 753664 C:\WINDOWS\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2004-08-24 12:22 263280]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.I420"= i420vfw.dll
    "vidc.dvsd"= dvc.dll
    "vidc.yv12"= yv12vfw.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli scecli

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
    backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Martine Sawruk^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk]
    path=C:\Documents and Settings\Martine Sawruk\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
    backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2007-12-11 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    --a------ 2007-07-25 21:40 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "iPod Service"=3 (0x3)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\MSN\\MSNCoreFiles\\msn6.exe"=
    "C:\\Program Files\\directx\\dplaysvr.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
    "C:\\WINDOWS\\system32\\rtcshare.exe"=
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\FarStone\\VirtualDrive\\MGR.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\NetMeeting\\conf.exe"=
    "C:\\Program Files\\AMSN\\bin\\wish.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\Dofus-Arena beta 2\\DofusArena.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\eChanblard\\emule.exe"=
    "C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
    "C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
    "C:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
    "C:\\Program Files\\Warcraft III\\war3.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "6112:TCP"= 6112:TCP:Type 'WarCraft III Battle.net'

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    R2 Belkin 54Mbps Wireless USB;Belkin 54Mbps Wireless USB Network Service;C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe [2003-06-09 12:24]
    R2 LogWatch;Event Log Watch;C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 16:29]
    R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [2007-01-05 00:13]
    R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 10:04]
    R3 FVDSCSI;FVDSCSI;C:\WINDOWS\system32\DRIVERS\fvdscsi.sys [2003-08-09 10:05]
    R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
    S3 A4501A;802.11g Wireless USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\A4501A.sys [2005-06-20 07:38]
    S3 BEL6051(Belkin);Belkin 11Mbps Wireless USB Network Adapter Driver(Belkin);C:\WINDOWS\system32\DRIVERS\BEL6051.SYS []
    S3 CA_LIC_CLNT;Client de licence CA;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 16:27]
    S3 CA_LIC_SRVR;Serveur de licence CA;C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 16:41]
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 12:35]
    S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
    S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 19:11]
    S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 19:11]
    S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 19:13]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 19:15]
    S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 10:47]
    S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 10:38]
    S3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 17:13]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
    S3 VX1000;VX-1000;C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 01:39]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-13 21:16:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-30 17:24:44 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job"
    - C:\Program Files\Microsoft LifeCam\LifeExp.exe
    "2007-12-30 17:24:44 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job"
    - C:\WINDOWS\vVX1000.exe
    "2008-06-15 16:53:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-17 12:26:56
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\scardsvr.exe
    C:\WINDOWS\system32\netdde.exe
    C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    C:\Program Files\BELKIN USB Wireless Monitor\WLanCfgG.exe
    C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-17 12:32:24 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-06-17 10:32:18
    ComboFix2.txt 2008-06-15 16:09:26
    ComboFix3.txt 2008-06-15 12:53:59

    Pre-Run: 51,177,988,096 octets libres
    Post-Run: 51,162,296,320 octets libres

    233 --- E O F --- 2008-06-11 21:26:45


    Along with the report, ComboFix showed me a window and asked me to send the file rtclmg32.dll to BleepingComputer (which I did), and it then quarantined that file (I saw it by running a search; it is in: C:\Qoobox\Quarantine\C\WINDOWS\system32 )
    17 June 2008 13:34:45

    Yep, that's normal :)

    Post a new HijackThis report.
    17 June 2008 13:55:58

    Here is the new HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:48:15, on 17/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\setup\avast.setup
    C:\WINDOWS\system32\netdde.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
    C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\PROGRA~1\CA\SHARED~1\SCANEN~1\InoDist.exe
    C:\PROGRA~1\CA\ETRUST~1\realmon.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: (no name) - {BB904F20-02A2-49CE-B948-86D31F7EEE90} - (no file)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Getca] C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: NETGEAR WG311v3 Wireless Assistant.lnk = ?
    O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
    O9 - Extra 'Tools' menuitem: Launch MyAccessMedia - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
    O9 - Extra button: (no name) - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Homepage Protector - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} (GoPets Control) - https://secure.gopetslive.com/dev/gopets.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Belkin 54Mbps Wireless USB Network Service (Belkin 54Mbps Wireless USB) - Unknown owner - C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
    O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 9796 bytes
    17 June 2008 14:17:16

    Hi again,

    Download Clean (by Malekal) to your Desktop.

  • Unzip it on your Desktop. Double-click the Clean folder that has just appeared.
  • Double-click Clean.cmd. (The cmd extension may not be shown.) This will open a black window.
  • A menu will appear; choose option 1, then press Enter. Then press a key when asked to.
  • Post the report, which is located here: C:\rapport_clean.txt

    If you get a file C:\upload_moi.zip, please do this.

    Help: How to use Clean.

    ********

    Uninstall via Add/Remove Programs (if present):
  • Avast!

    Download and run: http://www.avast.com/eng/avast-uninstall-utility.html

    Download CCleaner to your Desktop.

  • Click "download the latest version"
  • Install it, leaving only the following options checked:
    - Add a shortcut on the Desktop
    - Automatically check for CCleaner updates
  • Run the cleanup
  • Click Scan for errors and make a backup if you wish.

    Help: How to use CCleaner.

    ***************

    Download AntiVir to your Desktop.

  • Double-click the downloaded executable to start the installation.
  • At the end of the installation, click Finish.
  • Open AntiVir and make sure it is fully up to date!
  • In the Local Protection tab, choose Scanner.
  • Enable the rootkit search via the + next to rootkit search, then under manual selection, check everything (your hard disk partitions).
  • Click the middle magnifying glass to launch the scan as Administrator.
  • Post the generated report for me: to do so, click the Overview tab, then choose Reports; you will find its report there.

    Note: For more effective removal of threats, run the scan in safe mode.

    Why switch? Avast vs AntiVir.

    Help: How to install and use AntiVir.
    17 June 2008 19:34:55

    Clean has been run.
    Report:

    17/06/2008 a 15:38:34,25

    *** Recherche des fichiers dans C:
    C:\autorun.inf FOUND

    *** Recherche des fichiers dans C:\WINDOWS\
    "C:\WINDOWS\Matrix Code.exe" FOUND

    *** Recherche des fichiers dans C:\WINDOWS\system32

    *** Recherche des fichiers dans C:\Program Files
    "C:\Program Files\msn messenger\riched20.dll" FOUND
    *** Fin du rapport !

    ____________________________

    Avast uninstalled.
    CCleaner run.

    ____________________________

    * AntiVir installed.
    * When I tried to run a scan following the instructions given, the scan lasted only 3 seconds and produced this report:

    Avira AntiVir Personal
    Report file date: mardi 17 juin 2008 16:28

    Scanning for 1339860 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Save mode
    Username: Papa
    Computer name: ELODIE

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
    ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 14:19:07
    ANTIVIR3.VDF : 7.0.4.209 110080 Bytes 17/06/2008 14:19:08
    Engineversion : 8.1.0.55
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
    AESCRIPT.DLL : 8.1.0.40 266618 Bytes 17/06/2008 14:19:14
    AESCN.DLL : 8.1.0.21 119156 Bytes 17/06/2008 14:19:14
    AERDL.DLL : 8.1.0.20 418165 Bytes 17/06/2008 14:19:13
    AEPACK.DLL : 8.1.1.5 364918 Bytes 17/06/2008 14:19:13
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 17/06/2008 14:19:12
    AEHEUR.DLL : 8.1.0.30 1253750 Bytes 17/06/2008 14:19:12
    AEHELP.DLL : 8.1.0.15 115063 Bytes 17/06/2008 14:19:10
    AEGEN.DLL : 8.1.0.28 307572 Bytes 17/06/2008 14:19:10
    AEEMU.DLL : 8.1.0.6 430451 Bytes 17/06/2008 14:19:09
    AECORE.DLL : 8.1.0.31 168310 Bytes 17/06/2008 14:19:09
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Rootkit search
    Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
    Logging..........................: high
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Scan memory......................: off
    Process scan.....................: off
    Scan registry....................: off
    Search for rootkits..............: on
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: high
    Expanded search settings.........: 0x00300922

    Start of the scan: mardi 17 juin 2008 16:28

    Starting search for hidden objects.
    The driver could not be initialized.


    End of the scan: mardi 17 juin 2008 16:28
    Used time: 00:03 min

    The scan has been done completely.

    0 Scanning directories
    0 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    0 Files cannot be scanned
    0 Files not concerned
    0 Archives were scanned
    0 Warnings
    0 Notes

    ___________

    So I then ran another 'real' scan.
    I just clicked 'Complete System Scan', so I don't know whether that takes into account the procedure for fighting rootkits.
    Nevertheless, here is the report:

    Avira AntiVir Personal
    Report file date: mardi 17 juin 2008 16:30

    Scanning for 1339860 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Save mode
    Username: Papa
    Computer name: ELODIE

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
    ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 14:19:07
    ANTIVIR3.VDF : 7.0.4.209 110080 Bytes 17/06/2008 14:19:08
    Engineversion : 8.1.0.55
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
    AESCRIPT.DLL : 8.1.0.40 266618 Bytes 17/06/2008 14:19:14
    AESCN.DLL : 8.1.0.21 119156 Bytes 17/06/2008 14:19:14
    AERDL.DLL : 8.1.0.20 418165 Bytes 17/06/2008 14:19:13
    AEPACK.DLL : 8.1.1.5 364918 Bytes 17/06/2008 14:19:13
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 17/06/2008 14:19:12
    AEHEUR.DLL : 8.1.0.30 1253750 Bytes 17/06/2008 14:19:12
    AEHELP.DLL : 8.1.0.15 115063 Bytes 17/06/2008 14:19:10
    AEGEN.DLL : 8.1.0.28 307572 Bytes 17/06/2008 14:19:10
    AEEMU.DLL : 8.1.0.6 430451 Bytes 17/06/2008 14:19:09
    AECORE.DLL : 8.1.0.31 168310 Bytes 17/06/2008 14:19:09
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:, E:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mardi 17 juin 2008 16:30

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    11 processes with 11 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!
    Boot sector 'E:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    C:\WINDOWS\system32\nwiz.exe
    [WARNING] The file could not be opened!
    The registry was scanned ( '34' files ).


    Starting the file scan:

    Begin scan in 'C:\' <BOOT>
    C:\WINDOWS\system32\drivers\etc\hosts.msn
    [DETECTION] Is the Trojan horse TR/AntiHosts.Gen
    [NOTE] The file was moved to '48cae70d.qua'!
    Begin scan in 'D:\' <BACKUP>
    D:\Emilie\Mes docs\Program Files\Medal Script 4.9\mIRC system\ALIAS1.INI
    [DETECTION] Is the Trojan horse TR/IRC.Flood.I.1
    [NOTE] The file was moved to '48a0ea7a.qua'!
    D:\Emilie\Mes docs\Program Files\Norton AntiVirus\Quarantine\08474962
    [0] Archive type: HIDDEN
    --> FIL\\\?\D:\Emilie\Mes docs\Program Files\Norton AntiVirus\Quarantine\08474962
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.AC.2 Backdoor server programs
    [NOTE] The file was moved to '488bee21.qua'!
    D:\Emilie\Mes docs\Program Files\Norton AntiVirus\Quarantine\2F592B08.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/ClassLoader.C
    [NOTE] The file was moved to '488cee76.qua'!
    D:\Emilie\Mes docs\Program Files\Norton AntiVirus\Quarantine\2F592B08.zip
    [DETECTION] Contains detection pattern of the Java virus JAVA/ClassLoader.C
    [NOTE] The file was moved to '488cee7a.qua'!
    D:\Emilie\Mes docs\Program Files\Norton AntiVirus\Quarantine\543543C5.$$A
    [0] Archive type: HIDDEN
    --> FIL\\\?\D:\Emilie\Mes docs\Program Files\Norton AntiVirus\Quarantine\543543C5.$$A
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Bouffe.A.1 Backdoor server programs
    [NOTE] The file was moved to '488aee6e.qua'!
    D:\Emilie\Mes docs\Program Files\Norton AntiVirus\Quarantine\6B022136.class
    [DETECTION] Contains detection pattern of the Java virus JAVA/Binny.A
    [NOTE] The file was moved to '4887ee80.qua'!
    Begin scan in 'E:\' <RECOVER>


    End of the scan: mardi 17 juin 2008 19:09
    Used time: 2:39:11 min

    The scan has been done completely.

    9078 Scanning directories
    519997 Files were scanned
    7 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    7 files were moved to quarantine
    0 files were renamed
    230 Files cannot be scanned
    519990 Files not concerned
    8113 Archives were scanned
    234 Warnings
    7 Notes
    17 June 2008 19:53:54

    Hi again,

    Download Malwarebytes' Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done:
    Restart in Safe Mode
    /!\ Never boot into Safe Mode via MSCONFIG /!\

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Exécuter un examen complet".
  • To start the scan, click "Rechercher".
  • Once the scan has finished, a window opens; click OK. You then have two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" then "Supprimer la sélection". Save the report to your Desktop so you can post it in your next reply.

    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Help: How to use MBAM.

    **********

    Still in Safe Mode:

  • Run Clean again
  • Choose option 2 this time and post the report.
  • The report is located here: C:\rapport_clean.txt

    Help: How to use Clean.
    17 June 2008 22:49:53

    Here is the Malwarebytes' Anti-Malware report:

    Malwarebytes' Anti-Malware 1.17
    Version de la base de données: 864

    22:24:36 17/06/2008
    mbam-log-6-17-2008 (22-24-31).txt

    Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|I:\|J:\|K:\|L:\|)
    Eléments examinés: 198679
    Temps écoulé: 1 hour(s), 54 minute(s), 58 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 116
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 54

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\180ax (Adware.180Solutions) -> No action taken.
    HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
    HKEY_CURRENT_USER\Software\MyWebSearch (Adware.MyWebSearch) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):

    _______________________________________

    And the Clean report:


    Script execute en mode sans echec
    Rapport clean par Malekal_morte - http://www.malekal.com
    Script execute en mode sans echec 17/06/2008 a 22:25:48,81

    Microsoft Windows XP [version 5.1.2600]

    *** Suppression des fichiers dans C:
    tentative de suppression de C:\autorun.inf
    Impossible de supprimer C:\autorun.inf

    *** Suppression des fichiers dans C:\WINDOWS\
    tentative de suppression de "C:\WINDOWS\Matrix Code.exe"

    *** Suppression des fichiers dans C:\WINDOWS\system32

    *** Suppression des fichiers dans C:\Program Files

    *** Suppression des clefs du registre effectuee..
    *** Fin du rapport !
    18 June 2008 11:15:30

    Hi again,

    Did you apply the actions with MBAM?
    18 June 2008 11:42:40

    Yes, yes, I did everything as in the instructions.
    I restarted in safe mode and ran the full scan.
    Once it finished, I removed everything that was selected.
    Then the report opened and I saved it.

    (By the way, just a heads-up so you don't think I'm giving up: I'm leaving for a few days this afternoon, so I won't be able to continue working on my sister's computer before this weekend, or even the start of next week.)
    18 June 2008 12:30:24

    Okay,

    Where do things stand with the problems?
    Post a new HijackThis report.
    22 June 2008 12:20:03

    Hello,

    The computer itself is rid of its slowness (thanks!)
    The only problem is that the Internet is rather slow to come up; you have to wait quite a while for the page to display.

    _______________________________________

    One question: in Add/Remove Programs, there is a program called Select CashBack that I can't manage to remove (I don't know what it is, and on Google it didn't look very friendly). Can you help me get rid of it?

    _______________________________________

    In the meantime, here is the HijackThis report:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:16:08, on 22/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\netdde.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
    C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\CA\ETRUST~1\realmon.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: (no name) - {BB904F20-02A2-49CE-B948-86D31F7EEE90} - (no file)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Getca] C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: NETGEAR WG311v3 Wireless Assistant.lnk = ?
    O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
    O9 - Extra 'Tools' menuitem: Launch MyAccessMedia - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
    O9 - Extra button: (no name) - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Homepage Protector - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} (GoPets Control) - https://secure.gopetslive.com/dev/gopets.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Belkin 54Mbps Wireless USB Network Service (Belkin 54Mbps Wireless USB) - Unknown owner - C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
    O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 9673 bytes
    22 June 2008 14:36:43

    Hi again,

    Have you tried uninstalling it in safe mode?
    22 June 2008 16:51:46

    Hi again,

    Yes, I tried, but I couldn't find the file once in safe mode:
    1) there is no longer an Add/Remove Programs panel.
    2) I searched for it, but the computer found nothing, whereas in normal mode I do find it.
    _____________________

    But this "Select CashBack" isn't my priority; above all I want the Internet to stop lagging for now :/
    The Internet works perfectly on all the other computers in the household, hence my confusion.
    22 June 2008 21:24:36

    Strange, it does look clean though... :S

    In safe mode, you don't have access to the Control Panel?
    That's not normal ....

    Do a search for the program in normal mode and give me the results ;)
    Then post a new HijackThis report.
    23 June 2008 11:39:22

    Hello,

    I was silly: when I looked for Add/Remove Programs in safe mode, I searched from My Computer, as in normal mode. No wonder I couldn't find it!

    So then I tried to remove it, and a window told me the program must have been uninstalled previously because it couldn't find it. So I just removed it from the list of programs.

    Is a HijackThis report still needed?
    23 June 2008 13:34:45

    Well, yes, post one last one ;)
    23 June 2008 18:41:21

    Here is the latest HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:26:24, on 23/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\CA\ETRUST~1\realmon.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\netdde.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
    C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: (no name) - {BB904F20-02A2-49CE-B948-86D31F7EEE90} - (no file)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Getca] C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
    O4 - Global Startup: NETGEAR WG311v3 Wireless Assistant.lnk = ?
    O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
    O9 - Extra 'Tools' menuitem: Launch MyAccessMedia - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
    O9 - Extra button: (no name) - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Homepage Protector - {7D6BEC01-15E2-46F0-8ED3-D715DE09A8F9} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} (GoPets Control) - https://secure.gopetslive.com/dev/gopets.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Belkin 54Mbps Wireless USB Network Service (Belkin 54Mbps Wireless USB) - Unknown owner - C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
    O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 9366 bytes
    23 June 2008 20:01:02

    Hi again,

    Run HijackThis again (right-click -> Run as administrator under Vista), choose "Do a system scan only", and tick these lines (if still present):
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    O3 - Toolbar: (no name) - {BB904F20-02A2-49CE-B948-86D31F7EEE90} - (no file)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe
    O9 - Extra button: (no name) - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
    O9 - Extra 'Tools' menuitem: Launch MyAccessMedia - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)

    Close all running applications (especially your web browser).
    Then click Fix Checked!

    **********

    Download ToolsCleaner2 (by A.Rothstein)

  • Install it on your Desktop.
  • Click Recherche (Search) to start the scan.
  • Click Supprimer (Delete) to clean up the tools that were used.
  • Click Quitter (Quit).
  • Post this report ~>C:\TCleaner.txt<~

  • Keep CCleaner, AVG (or MBAM) and AntiVir if we installed them.
  • Disable then re-enable System Restore.
  • Report your infection on Malware Complaints >Tutorial<
  • Your infection(s): Lop, Toolbars, adware...
  • If you cannot find it in the list, post under Other infections.

  • Bring your computer properly up to date >here<
  • If not already done, make sure Windows Automatic Updates are enabled!

    Then have a look at these articles:

    - Security/Prevention
    - Consequences of running multiple protection programs
    - Toolbars: uselessness and slowdowns

    Have a nice day/evening :)
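
Added example, not part of the original thread and not HijackThis's own code: a short Python triage script that parses HijackThis entry lines and groups those ending in `(no file)`, meaning registry entries whose target file is no longer on disk, like the O3 and O9 lines ticked in the reply above. The sample lines are copied from the log in this thread; the function names are illustrative.

```python
import re
from collections import defaultdict

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: (no name) - {BB904F20-02A2-49CE-B948-86D31F7EEE90} - (no file)
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O9 - Extra button: (no name) - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
O9 - Extra 'Tools' menuitem: Launch MyAccessMedia - {2F2C9F60-4504-4ed9-8672-58C88D769CD1} - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# An entry line starts with a section code (R0-R3, F0-F3, N1-N4, O1-O24) and " - ".
ENTRY_RE = re.compile(r"^\s*(R[0-3]|F[0-3]|N[1-4]|O\d{1,2})\s+-\s+(.*\S)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_log(text):
    """Return one dict per entry line; header and process-list lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        section, body = m.groups()
        clsid = CLSID_RE.search(body)
        entries.append({
            "section": section,
            # CLSIDs are case-insensitive, so normalise before grouping.
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphaned": body.endswith("(no file)"),
            "raw": line.strip(),
        })
    return entries


def orphaned_by_clsid(text):
    """Group orphaned entries by CLSID so one leftover component is listed once."""
    grouped = defaultdict(list)
    for e in parse_log(text):
        if e["orphaned"]:
            grouped[e["clsid"] or e["raw"]].append(e["section"])
    return dict(grouped)


if __name__ == "__main__":
    for key, sections in orphaned_by_clsid(SAMPLE_LOG).items():
        print(key, sections)
```

The grouping shows that the two O9 lines belong to a single leftover registration, which is why both are ticked together before Fix Checked.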
    23 June 2008 23:48:44

    Good evening,

    All done!
    Thanks for the links to the articles, they are very informative!

    ________________________

    And as a bonus, here is the ToolsCleaner2 report:

    -->- Recherche:

    C:\Combofix: trouvé !
    C:\Lop SD: trouvé !
    C:\Qoobox: trouvé !
    C:\_OtMoveIt: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Papa\Bureau\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Papa\Bureau\Lop S&D.lnk: trouvé !
    C:\Documents and Settings\Papa\Bureau\LopSD.exe: trouvé !
    C:\Documents and Settings\Papa\Bureau\Clean.zip: trouvé !
    C:\Documents and Settings\Papa\Bureau\OtMoveIt2.exe: trouvé !
    C:\Documents and Settings\Papa\Bureau\ComboFix.exe: trouvé !
    C:\Documents and Settings\Papa\Menu Démarrer\Programmes\Lop S&D: trouvé !
    C:\Lop SD\Lop S&D.lnk: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Papa\Bureau\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Papa\Bureau\Lop S&D.lnk: supprimé !
    C:\Documents and Settings\Papa\Bureau\LopSD.exe: supprimé !
    C:\Documents and Settings\Papa\Bureau\Clean.zip: supprimé !
    C:\Documents and Settings\Papa\Bureau\OtMoveIt2.exe: supprimé !
    C:\Documents and Settings\Papa\Bureau\ComboFix.exe: supprimé !
    C:\Lop SD\Lop S&D.lnk: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\Combofix: supprimé !
    C:\Lop SD: supprimé !
    C:\Qoobox: supprimé !
    C:\_OtMoveIt: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Documents and Settings\Papa\Menu Démarrer\Programmes\Lop S&D: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    23 June 2008 23:59:44

    It's clean :)  See you
    24 June 2008 00:24:25

    Thank you so much for your patience! :lol:
    I am very grateful to you.

    I will have my family members read the articles to avoid any further excesses (for this computer as well as the others).

    Hopefully never again! ;)