Pc infecté

le pb est que j'ai une erreure systeme apres avoir cliqué sur mon compte
en mode sans echec,
puis il redemarre en mode normal

je n'ai pas le temps de voir
oui c'est ce que j'ai commencé à faire

voila le rapport du fichier rapport.txt mais je n'ai pas trouvé l'autre rapport :

SmitFraudFix v2.424

Rapport fait ‡ 13:24:01,62, 25/11/2009
ExecutÈ ‡ partir de C:\Documents and Settings\moi\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du systËme de fichiers est NTFS
Fix executÈ en mode normal

ªªªªªªªªªªªªªªªªªªªªªªªª SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clÈs qui suivent ne sont pas forcÈment infectÈes!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

ªªªªªªªªªªªªªªªªªªªªªªªª Arret des processus


ªªªªªªªªªªªªªªªªªªªªªªªª hosts


127.0.0.1 localhost

ªªªªªªªªªªªªªªªªªªªªªªªª VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


ªªªªªªªªªªªªªªªªªªªªªªªª Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


ªªªªªªªªªªªªªªªªªªªªªªªª Generic Renos Fix

GenericRenosFix by S!Ri


ªªªªªªªªªªªªªªªªªªªªªªªª Suppression des fichiers infectÈs


ªªªªªªªªªªªªªªªªªªªªªªªª IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



ªªªªªªªªªªªªªªªªªªªªªªªª Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


ªªªªªªªªªªªªªªªªªªªªªªªª 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


ªªªªªªªªªªªªªªªªªªªªªªªª RK


ªªªªªªªªªªªªªªªªªªªªªªªª DNS

HKLM\SYSTEM\CS2\Services\Tcpip\..\{0A1DD561-607B-4466-9E4D-162196F063B0}: DhcpNameServer=172.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=172.168.1.1


ªªªªªªªªªªªªªªªªªªªªªªªª Suppression Fichiers Temporaires


ªªªªªªªªªªªªªªªªªªªªªªªª Winlogon.System
!!!Attention, les clÈs qui suivent ne sont pas forcÈment infectÈes!!!

"System"=""


ªªªªªªªªªªªªªªªªªªªªªªªª RK.2



ªªªªªªªªªªªªªªªªªªªªªªªª Nettoyage du registre

Nettoyage terminÈ.

ªªªªªªªªªªªªªªªªªªªªªªªª SharedTaskScheduler AprËs SmitFraudFix
!!!Attention, les clÈs qui suivent ne sont pas forcÈment infectÈes!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


ªªªªªªªªªªªªªªªªªªªªªªªª Fin

je n'arrive pas a poster l'autre

http://www.cijoint.fr/cjlink.php?file=cj200911/cijCn9cGix.txt

ça tourne toujours apres 4h et il n'a rien trouvé
par contre j'ai relancé spyware doctor et il n'y a plus psguard :)
et il y en a pleins d'autres qui ont disparu
sauf encore ClientMan
j'attend la fin de la recherche de mbm pour t'envoyer son rapport

il vient juste de s'arreter et n'a trouvé aucun elements nuisibles ???
alors que spyware doctor trouve :
- ClientMan
- Zapspot
- trojan-downloader bagle
- xlocator
- trackingcookies

qu'en penses tu ?

merci en tout cas

voila


Malwarebytes' Anti-Malware 1.41
Version de la base de donnÈes: 3228
Windows 5.1.2600 Service Pack 3

25/11/2009 19:24:08
mbam-log-2009-11-25 (19-24-08).txt

Type de recherche: Examen complet (C:\|)
ElÈments examinÈs: 435064
Temps ÈcoulÈ: 3 hour(s), 59 minute(s), 9 second(s)

Processus mÈmoire infectÈ(s): 0
Module(s) mÈmoire infectÈ(s): 0
ClÈ(s) du Registre infectÈe(s): 0
Valeur(s) du Registre infectÈe(s): 0
ElÈment(s) de donnÈes du Registre infectÈ(s): 0
Dossier(s) infectÈ(s): 0
Fichier(s) infectÈ(s): 0

Processus mÈmoire infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

Module(s) mÈmoire infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

ClÈ(s) du Registre infectÈe(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

Valeur(s) du Registre infectÈe(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

ElÈment(s) de donnÈes du Registre infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

Dossier(s) infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

Fichier(s) infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 11/26/2009 at 02:38 PM

Application Version : 4.31.1000

Core Rules Database Version : 4313
Trace Rules Database Version: 2177

Scan type : Quick Scan
Total Scan Time : 01:22:30

Memory items scanned : 633
Memory threats detected : 0
Registry items scanned : 641
Registry threats detected : 0
File items scanned : 10619
File threats detected : 50

Adware.Tracking Cookie
C:\Documents and Settings\moi\Cookies\moi@questionmarket[2].txt
C:\Documents and Settings\moi\Cookies\moi@t.bbtrack[3].txt
C:\Documents and Settings\moi\Cookies\moi@www.googleadservices[3].txt
C:\Documents and Settings\moi\Cookies\moi@smartadserver[3].txt
C:\Documents and Settings\moi\Cookies\moi@content.yieldmanager[3].txt
C:\Documents and Settings\moi\Cookies\moi@wysistat[2].txt
C:\Documents and Settings\moi\Cookies\moi@adtech[2].txt
C:\Documents and Settings\moi\Cookies\moi@microsoftinternetexplorer.112.2o7[1].txt
C:\Documents and Settings\moi\Cookies\moi@xiti[2].txt
C:\Documents and Settings\moi\Cookies\moi@myroitracking[1].txt
C:\Documents and Settings\moi\Cookies\moi@opodo.122.2o7[1].txt
C:\Documents and Settings\moi\Cookies\moi@bs.serving-sys[3].txt
C:\Documents and Settings\moi\Cookies\moi@adserver.aol[1].txt
C:\Documents and Settings\moi\Cookies\moi@stopzilla[1].txt
C:\Documents and Settings\moi\Cookies\moi@www.googleadservices[2].txt
C:\Documents and Settings\moi\Cookies\moi@advertising[2].txt
C:\Documents and Settings\moi\Cookies\moi@www.stopzilla[2].txt
C:\Documents and Settings\moi\Cookies\moi@msnportal.112.2o7[2].txt
C:\Documents and Settings\moi\Cookies\moi@hearstdigital.122.2o7[1].txt
C:\Documents and Settings\moi\Cookies\moi@cetelem.solution.weborama[1].txt
C:\Documents and Settings\moi\Cookies\moi@atdmt[5].txt
C:\Documents and Settings\moi\Cookies\moi@ad.zanox[2].txt
C:\Documents and Settings\moi\Cookies\moi@ad.yieldmanager[1].txt
C:\Documents and Settings\moi\Cookies\moi@bluestreak[1].txt
C:\Documents and Settings\moi\Cookies\moi@seloger.122.2o7[1].txt
C:\Documents and Settings\moi\Cookies\moi@atdmt[3].txt
C:\Documents and Settings\moi\Cookies\moi@www.googleadservices[1].txt
C:\Documents and Settings\moi\Cookies\moi@weborama[3].txt
C:\Documents and Settings\moi\Cookies\moi@ehg-theactivenetwork.hitbox[2].txt
C:\Documents and Settings\moi\Cookies\moi@windowslivemessenger.solution.weborama[1].txt
C:\Documents and Settings\moi\Cookies\moi@serving-sys[2].txt
C:\Documents and Settings\moi\Cookies\moi@doubleclick[4].txt
C:\Documents and Settings\moi\Cookies\moi@tradedoubler[3].txt
C:\Documents and Settings\moi\Cookies\moi@eurostar.122.2o7[1].txt
C:\Documents and Settings\moi\Cookies\moi@247realmedia[1].txt
C:\Documents and Settings\moi\Cookies\moi@estat[1].txt
C:\Documents and Settings\moi\Cookies\moi@ads.active[1].txt
C:\Documents and Settings\moi\Cookies\moi@statse.webtrendslive[1].txt
C:\Documents and Settings\moi\Cookies\moi@yourmedia[1].txt
C:\Documents and Settings\moi\Cookies\moi@fr.at.atwola[1].txt
C:\Documents and Settings\moi\Cookies\moi@overture[2].txt
C:\Documents and Settings\moi\Cookies\moi@hitbox[2].txt
C:\Documents and Settings\moi\Cookies\moi@boursoramabanque.solution.weborama[3].txt
C:\Documents and Settings\Arielle\Cookies\arielle@weborama[1].txt
C:\Documents and Settings\Arielle\Cookies\arielle@doubleclick[2].txt
C:\Documents and Settings\Arielle\Cookies\arielle@bluestreak[2].txt
C:\Documents and Settings\Arielle\Cookies\arielle@www.smartadserver[2].txt
C:\Documents and Settings\Arielle\Cookies\arielle@yourmedia[1].txt
C:\Documents and Settings\Arielle\Cookies\arielle@xiti[1].txt

Trojan.Unclassified/Packed-Win
D:\VIDEO\UTORENT\FINI\MAGIC ISO MAKER 5.5 BUILD 0272 (MULTILINGUAL) [RH]\MIM_5.5.BUILD_0272_[RH]\MAGIC ISO MAKER 5.5 BUILD 0272 (MULTILINGUAL)\PATCH\MIM- PATCH.EXE

oui j'ai supprimé ce qui a ete detecté



Logfile of random's system information tool 1.06 (written by random/random)
Run by moi at 2009-11-26 16:23:39
Microsoft Windows XP …dition familiale Service Pack 3
System drive C: has 3 GB (9%) free of 29 GB
Total RAM: 1014 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:24:13, on 26/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
C:\Program Files\Freenet\bin\wrapper-windows-x86-32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\moi\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\moi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.net.sy:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\Stopzilla!\Toolbar\SZSG.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\Stopzilla!\Toolbar\SZSG.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE R…SEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: CrÈer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O15 - Trusted Zone: http://www.camiondesmots.com
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - https://www.3ds.com/products-services/3dvia/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Freenet 0.7 darknet-8888 (freenet-darknet-8888) - Unknown owner - C:\Program Files\Freenet\bin\wrapper-windows-x86-32.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

non ce n'est pas voulu !!! je vais l'enlever..

voici le rapport:


############################## | UsbFix V6.057 |

User : moi (Administrateurs) # FJ
Update on 25/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:51:06 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Celeron(R) M processor 1.50GHz
Microsoft Windows XP …dition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1351 [VPS 091125-1] 4.8.1351 [ Enabled | Updated ]
FW : ZoneAlarm Firewall[ Enabled ]7.0.483.000

C:\ -> Disque fixe local # 27,95 Go (2,48 Go free) [VAIO] # NTFS
D:\ -> Disque fixe local # 20,95 Go (505,72 Mo free) [VAIO] # NTFS
E:\ -> Disque amovible
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM # 3,89 Go (0 Mo free) [3DS MAX 9] # UDF
H:\ -> Disque CD-ROM # 696,9 Mo (0 Mo free) [MOCAP] # CDFS
I:\ -> Disque CD-ROM
J:\ -> Disque amovible # 124,72 Mo (59,78 Mo free) # FAT
K:\ -> Disque amovible # 7,51 Go (1,31 Go free) # FAT32
L:\ -> Disque fixe local # 465,76 Go (423,5 Go free) [LaCie] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 908
C:\WINDOWS\system32\csrss.exe 984
C:\WINDOWS\system32\winlogon.exe 1008
C:\WINDOWS\system32\services.exe 1064
C:\WINDOWS\system32\lsass.exe 1076
C:\WINDOWS\system32\svchost.exe 1228
C:\WINDOWS\system32\svchost.exe 1308
C:\WINDOWS\System32\svchost.exe 1348
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1388
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1456
C:\WINDOWS\system32\svchost.exe 1636
C:\WINDOWS\system32\svchost.exe 1672
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1828
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1880
C:\WINDOWS\system32\spoolsv.exe 648
C:\WINDOWS\system32\svchost.exe 728
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe 760
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 772
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe 792
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe 820
C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe 920
C:\Program Files\Freenet\bin\wrapper-windows-x86-32.exe 964
C:\WINDOWS\System32\FTRTSVC.exe 1244
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe 1380
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe 1536
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 1632
C:\Program Files\Spyware Doctor\pctsAuxs.exe 1756
C:\Program Files\Spyware Doctor\pctsSvc.exe 1792
C:\WINDOWS\system32\java.exe 1952
C:\WINDOWS\System32\snmp.exe 2744
C:\WINDOWS\system32\svchost.exe 2768
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe 2860
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe 3008
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 3172
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe 3440
C:\WINDOWS\system32\igfxext.exe 3728
C:\WINDOWS\Explorer.EXE 2084
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 2356
C:\Program Files\Spyware Doctor\pctsTray.exe 1468
C:\Program Files\Microsoft ActiveSync\wcescomm.exe 2688
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe 2848
C:\PROGRA~1\MI3AA1~1\rapimgr.exe 2980
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3712
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2372
C:\WINDOWS\System32\svchost.exe 2816
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe 2284
C:\WINDOWS\System32\alg.exe 2152
C:\WINDOWS\system32\wbem\wmiprvse.exe 3520

################## | Fichiers # Dossiers infectieux |

C:\WINDOWS\IDB.zip
C:\WINDOWS\UDB.zip
G:\autorun.inf
J:\log.txt
L:\autorun.inf
L:\._autorun.inf

################## | Registre # ClÈs infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{5bfcd623-94bb-11de-9e91-0012f04cbeb5}
Shell\Shell00\Command =J:\Start.exe

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.057 ! |

C'est normal qu'apres avoir redemarrer l'ordi à lancé un netoyage de disque en meme temps que usbfix ?

oui

je n'ai pas encore de rapport il n'a pas fini

############################## | UsbFix V6.057 |

User : moi (Administrateurs) # FJ
Update on 25/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 09:47:48 | 27/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Celeron(R) M processor 1.50GHz
Microsoft Windows XP …dition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1351 [VPS 091125-1] 4.8.1351 [ Enabled | Updated ]
FW : ZoneAlarm Firewall[ Enabled ]7.0.483.000

C:\ -> Disque fixe local # 27,95 Go (2,48 Go free) [VAIO] # NTFS
D:\ -> Disque fixe local # 20,95 Go (505,72 Mo free) [VAIO] # NTFS
E:\ -> Disque amovible
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM # 3,89 Go (0 Mo free) [3DS MAX 9] # UDF
H:\ -> Disque CD-ROM # 696,9 Mo (0 Mo free) [MOCAP] # CDFS
I:\ -> Disque CD-ROM
J:\ -> Disque amovible # 124,72 Mo (59,77 Mo free) # FAT
K:\ -> Disque amovible # 7,51 Go (1,31 Go free) # FAT32
L:\ -> Disque fixe local # 465,76 Go (423,5 Go free) [LaCie] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 972
C:\WINDOWS\system32\csrss.exe 1032
C:\WINDOWS\system32\winlogon.exe 1056
C:\WINDOWS\system32\services.exe 1100
C:\WINDOWS\system32\lsass.exe 1112
C:\WINDOWS\system32\svchost.exe 1268
C:\WINDOWS\system32\svchost.exe 1348
C:\WINDOWS\System32\svchost.exe 1388
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1420
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1548
C:\WINDOWS\system32\svchost.exe 1632
C:\WINDOWS\system32\svchost.exe 1720
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1876
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1932
C:\WINDOWS\Explorer.EXE 640
C:\WINDOWS\system32\spoolsv.exe 544
C:\WINDOWS\system32\svchost.exe 1284
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe 1408
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1428
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe 1520
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe 1576
C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe 1688
C:\Program Files\Freenet\bin\wrapper-windows-x86-32.exe 1860
C:\WINDOWS\System32\FTRTSVC.exe 1964
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 1984
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe 288
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe 336
C:\WINDOWS\system32\java.exe 444
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 612
C:\Program Files\Spyware Doctor\pctsAuxs.exe 820
C:\WINDOWS\System32\snmp.exe 1660
C:\WINDOWS\system32\svchost.exe 1228
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe 1800
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe 2152
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 2448
C:\WINDOWS\system32\igfxext.exe 2728
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe 2828
C:\WINDOWS\system32\wuauclt.exe 3240
C:\WINDOWS\system32\wbem\wmiprvse.exe 3568
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3872
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 3968

################## | Fichiers # Dossiers infectieux |

SupprimÈ ! C:\WINDOWS\IDB.zip
SupprimÈ ! C:\WINDOWS\UDB.zip
Non supprimÈ ! G:\autorun.inf
SupprimÈ ! J:\log.txt
SupprimÈ ! L:\autorun.inf
SupprimÈ ! L:\._autorun.inf

################## | Registre # ClÈs infectieuses |


################## | Registre # Mountpoints2 |


################## | Listing des fichiers prÈsent |

[01/01/2009 20:02|--a------|33648] C:\ASLog.txt
[07/03/2005 18:21|--a------|0] C:\AUTOEXEC.BAT
[26/11/2009 08:13|--ahs----|216] C:\boot.ini
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[05/04/2007 16:27|--a------|274] C:\Bryce Lightning Uninstall.log
[05/04/2007 16:21|--a------|254] C:\Bryce Uninstall.log
[25/11/2009 19:31|--a------|1164] C:\cleannavi.txt
[24/11/2009 12:17|--a------|451] C:\colorbox.log
[07/03/2005 18:21|--a------|0] C:\CONFIG.SYS
[24/11/2009 09:34|--a------|10] C:\confin.sys
[21/11/2006 17:21|--a------|40973] C:\debug.log
[12/09/2008 10:43|--a------|9269] C:\EyeCandyLog.txt
[?|?|?] C:\hiberfil.sys
[24/11/2006 11:14|--a------|47] C:\index.html
[09/09/2006 20:14|--a------|1119] C:\INSTALL.LOG
[07/03/2005 18:21|-rahs----|0] C:\IO.SYS
[07/03/2005 18:21|-rahs----|0] C:\MSDOS.SYS
[05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[23/09/2008 09:07|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[23/03/2006 15:27|--a------|87] C:\PC_Basemap.log
[25/11/2009 13:32|--a------|1979] C:\rapport.txt
[05/04/2006 17:18|--a------|3186] C:\smitfiles.txt
[31/10/2005 16:56|--a------|700416] C:\StubInstaller.exe
[10/01/2001 11:23|--a------|162304] C:\UNWISE.EXE
[27/11/2009 10:22|--a------|5023] C:\UsbFix.txt
[17/11/2006 22:14|--a------|73] C:\WMDiag.log
[08/08/2005 07:46|--a------|16763] D:\anim.swf
[15/06/2009 11:15|--a------|0] D:\auchan2.whtt
[16/06/2009 16:41|--a------|4243] D:\backblue.gif
[02/07/2009 17:19|--a------|0] D:\class_test.php
[25/10/2006 18:07|--a------|1444] D:\Copie de canalplus.mpg.txt
[24/06/2009 12:28|--a------|2342] D:\correlation.php
[22/06/2009 16:24|--a------|958] D:\correlation2.php
[26/06/2009 09:03|--a------|7096] D:\correlation_resync.php
[25/06/2009 14:13|--a------|4631] D:\correlation_resync2.php
[25/06/2009 14:47|--a------|6888] D:\correlation_resync_online.php
[23/06/2009 14:57|--a------|2665] D:\correlation_web.php
[16/06/2009 16:41|--a------|828] D:\fade.gif
[25/10/2006 18:05|--a------|1152] D:\france2.mpg.txt
[16/06/2009 13:09|--a------|0] D:\houra.whtt
[16/06/2009 16:41|--a------|0] D:\INTERMARCHE.whtt
[16/06/2009 07:42|--a------|0] D:\monoprix.whtt
[24/06/2009 17:09|--a------|881] D:\netoyer.php
[06/07/2009 18:20|--a------|10796] D:\newsletter-asp.php
[15/06/2009 12:45|--a------|0] D:\ooshop.whtt
[07/03/2009 20:56|--a------|550] D:\Raccourci vers Slumdog.Millionaire.DVDSCR.XviD-NoGrp.avi.lnk
[10/06/2009 07:18|--a------|0] D:\telemarket.whtt
[02/07/2009 17:21|--a------|0] D:\test.php
[23/06/2009 17:54|--a------|298] D:\test_array.php
[24/08/2009 16:30|--ahs----|4608] D:\Thumbs.db
[06/07/2009 09:13|--a------|527] D:\xml.php
[02/08/2006 16:12|-r-------|23558] G:\3dsmax.ico
[29/09/2006 21:37|-r-------|127] G:\3dsmax9dvd.mid
[21/10/2004 21:38|-r-------|126976] G:\Setup.exe
[24/08/2006 00:17|-r-------|379] G:\Setup.ini
[06/09/2006 18:31|-r-------|44] G:\autorun.inf
[08/11/2008 15:34|--a------|2611540] J:\trumeau musique.JPG
[08/11/2008 15:33|--a------|2664474] J:\trumeau science.JPG
[13/03/2008 17:11|--a------|1436676] J:\zzimg209.jpg
[22/11/2006 19:07|--a------|115085] J:\dÇtail Senlis 1.jpg
[22/11/2006 19:07|--a------|124939] J:\dÇtail Senlis 3.jpg
[22/11/2006 19:11|--a------|201358] J:\La Guette.jpg
[22/11/2006 19:09|--a------|88471] J:\plafond reims 1.jpg
[22/11/2006 19:09|--a------|111445] J:\Plafond Reims 2.jpg
[22/11/2006 19:13|--a------|141293] J:\Salon piscine 1.jpg
[31/03/2007 19:11|--a------|1934073] J:\Salon piscine 2.jpg
[22/11/2006 19:05|--a------|132367] J:\Trompe l'oeil cadre.jpg
[22/11/2006 19:03|--a------|204287] J:\Trompe l'oeil toits.jpg
[08/11/2008 15:33|--a------|2824370] J:\trumeau jeu.JPG
[08/11/2008 15:34|--a------|2546084] J:\trumeau livre.JPG
[06/08/2007 14:53|--a------|2365766] J:\salon Montesson 1.jpg
[06/08/2007 14:53|--a------|2869241] J:\salon Montesson 2.jpg
[03/12/2006 18:44|--a------|592994] J:\zzzimg041.jpg
[31/03/2007 18:51|--a------|95865] J:\zzimg021.jpg
[31/03/2007 18:51|--a------|94866] J:\zzimg019.jpg
[22/11/2006 19:07|--a------|123555] J:\zzzimg029.jpg
[22/11/2006 19:09|--a------|188341] J:\zzzimg033.jpg
[22/11/2006 19:11|--a------|204364] J:\zzzimg035.jpg
[22/11/2006 19:12|--a------|90948] J:\zzzimg038.jpg
[22/11/2006 19:28|--a------|217178] J:\zzzimg040.jpg
[22/11/2006 19:07|--a------|70060] J:\dÇtail salon028.jpg
[22/11/2006 19:05|--a------|150815] J:\zzzimg025.jpg
[22/11/2006 19:05|--a------|132367] J:\zzzimg026.jpg
[31/05/2009 13:36|--a------|2498513] J:\P1010980.JPG
[31/05/2009 13:30|--a------|2307652] J:\matiäres984.JPG
[11/09/2009 12:54|--a------|235796] J:\plan427.jpg
[11/09/2009 13:18|--a------|231482] J:\zzimg437.jpg
[11/09/2009 13:19|--a------|246846] J:\zzimg438.jpg
[11/09/2009 13:06|--a------|121362] J:\croquis431.jpg
[11/09/2009 13:20|--a------|188862] J:\croquis439.jpg
[11/09/2009 13:17|--a------|301926] J:\pers436.jpg
[04/10/2009 21:33|--a------|365918] J:\zzimg472.jpg
[05/10/2009 13:20|--a------|51050] J:\zzimg473.jpg
[06/11/2009 14:34|--a------|672092] J:\ecran1.jpg
[06/11/2009 14:35|--a------|647116] J:\ecran2.jpg
[05/10/2009 13:35|--a------|68997] J:\zzimg474.jpg
[17/05/2009 21:33|--a------|43002] J:\zzimg296.jpg
[17/05/2009 21:30|--a------|55595] J:\zzimg291.jpg
[17/05/2009 21:45|--a------|120767] J:\zzimg298.jpg
[25/11/2009 08:28|--ah-----|4096] J:\._.Trashes
[19/11/2009 22:13|--a------|4045528] J:\mbam-setup.exe
[03/11/2009 19:51|--a------|812344] J:\HJTInstall.exe
[25/11/2009 08:34|--a------|15074] J:\hijackthis.log
[27/11/2009 09:00|--ah-----|15364] J:\.DS_Store
[13/11/2006 03:40|--a------|383836] J:\smitRem.exe
[13/09/2009 10:10|--a------|1872472] J:\SmitfraudFix.exe
[25/11/2009 13:35|--a------|1979] J:\rapport.txt
[21/03/2009 21:46|--a------|781909] J:\RSIT.exe
[25/11/2009 14:13|--a------|49419] J:\info.txt
[23/11/2009 16:34|--a------|20428800] J:\vlc-fr.exe
[20/09/2006 11:30|--a------|66984] J:\STOPzilla_Setup.exe
[10/11/2009 18:04|--a------|228109] J:\Navilog1.exe
[26/11/2009 08:04|--a------|1005] J:\mbam-log-2009-11-25 (19-24-08).txt
[23/11/2009 19:57|--a------|7392800] J:\SUPERAntiSpyware.exe
[26/11/2009 14:39|--a------|3955] J:\SUPERAntiSpyware Scan Log - 11-26-2009 - 14-38-09.log
[26/11/2009 14:40|--a------|190] J:\message erreur.txt
[26/11/2009 03:38|--a------|1285781] J:\UsbFix.exe
[27/11/2009 08:41|--a------|9394] J:\UsbFix.txt
[27/11/2009 08:36|--a------|1232] K:\EncFiltLog.menc
[16/11/2009 20:06|--ah-----|372736] K:\album.vol
[01/01/2009 20:39|--a------|296] K:\WMPInfo.xml
[25/11/2009 14:10|--ah-----|4096] K:\._.Trashes
[25/11/2009 14:11|--ah-----|12292] K:\.DS_Store
[06/01/2009 19:59|--a------|2119121] K:\TCPMP-0.72RC1-ARM-PPC-recomp-03.CAB
[01/11/2008 13:58|--a------|734281728] K:\bienvenue chez les ch'ti.avi
[12/01/2009 21:49|--a------|732831744] K:\Slumdog.Millionaire.DVDSCR.XviD-NoGrp.avi
[12/01/2009 19:38|--a------|733837312] K:\bald-fr.avi
[18/11/2006 21:06|--a------|733009920] K:\Borat.FRENCH.CAM.XViD-K-LuCiFeR.avi
[03/12/2006 17:19|--a------|735191040] K:\Bridget Jones 2, L'age De Raison Dvdrip Fr.avi
[21/11/2006 04:38|--a------|726681600] K:\The.Da.Vinci.Code.2006.FRENCH.DVDSCR.REPACK.1CD.XViD-SnowTigerS-iBO.avi
[04/08/2009 13:12|--a------|1362706432] K:\Terminator.Salvation.DVDSCR.XViD.avi
[04/08/2009 12:26|--a------|735379456] K:\X-Men Origins Wolverine (2009) DVDRip XviD-MAXSPEED www.torentz.3xforum.ro.avi
[30/08/2009 14:32|---hs----|29018] L:\.VolumeIcon.icns
[30/08/2009 14:32|---hs----|25214] L:\.VolumeIcon.ico
[30/08/2009 14:31|---------|126976] L:\LaCie.exe
[30/08/2009 14:31|---h-----|390] L:\LaCie.ini
[09/09/2009 21:49|--a------|930051054] L:\Le voyage aux PyrÇnÇes (vod_11964).wmv

################## | Vaccination |

# C:\autorun.inf -> Dossier crÈÈ par UsbFix.
# D:\autorun.inf -> Dossier crÈÈ par UsbFix.
# J:\autorun.inf -> Dossier crÈÈ par UsbFix.
# K:\autorun.inf -> Dossier crÈÈ par UsbFix.
# L:\autorun.inf -> Dossier crÈÈ par UsbFix.

################## | Suspect | https://www.virustotal.com/gui/ |


################## | Cracks / Keygens / Serials |

"C:\Program Files\Autodesk\3ds Max 9\max9keygen.exe"
11/10/2006 09:19 |Size 94208 |Crc32 caf70f9a |Md5 236e0270cee6f33ffdfaf2489341521c

"C:\Program Files\SourceTec\Sothink SWF Decompiler\crack.exe"
09/01/2005 21:34 |Size 24734 |Crc32 8de0c97b |Md5 00da85a6bd6c9ae598854d54ef8d68bd

"D:\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com\Adobe Photoshop CS2 (9.0) Fr\Setup.exe"
02/08/2004 23:34 |Size 159744 |Crc32 7d40e599 |Md5 a2c6003ddcd8d9b5a79f94660e607099

"D:\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com\Adobe Photoshop CS2 (9.0) Fr\Adobe Reader 7.0\AdbeRdr70_fra_full.exe"
05/01/2005 12:30 |Size 22606384 |Crc32 36b66db1 |Md5 264e2dc1bde41050502e3df98788c49f

"D:\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com\Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\instmsia.exe"
11/03/2002 07:45 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"D:\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com\Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\instmsiw.exe"
11/03/2002 11:06 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"D:\Adobe.Photoshop.CS2.(v9.0).FR.Officielle.Incl-Crack.et.Keygen.par.eMule-Paradise.com\Adobe Photoshop CS2 (9.0) Fr\Adobe(R) Photoshop(R) CS2\setup.exe"
11/04/2005 12:01 |Size 225280 |Crc32 a0e407c4 |Md5 7d86228a6b7d377a6ff2de23c3e277e0

"D:\down\Sothink SWF Decompiler 5.1.516\sotswf\fullydown.net\Setup\Sothink SWF Decompiler 5.1.516\crack\SWFDecompiler.exe"
14/10/2009 15:01 |Size 7607296 |Crc32 93020655 |Md5 2d2186697ffe15cdca80028fce383ef5

"L:\backup fred\programme\internet\3dsmax.9\AF.Export.Channels.v3.21.for.3DS.Max.3.and.9\AF.Export.Channels.v3.21.for.3DS.Max.3.and.9\Crack\XF-AFVS-KG.exe"
06/04/2007 23:41 |Size 34261 |Crc32 345d4a20 |Md5 e15a04d7474525439c450022a8b9b307

"L:\backup fred\programme\internet\3dsmax.9\AF.Loft.v1.25D\AF.Loft.v1.25D.for.3DS.Max.3.and.9\keygen\XF-AFVS-KG.exe"
06/04/2007 23:41 |Size 34261 |Crc32 345d4a20 |Md5 e15a04d7474525439c450022a8b9b307

"L:\backup fred\programme\internet\3dsmax.9\AF.Material.Correct.v1.45\AF.Material.Correct.v1.45.for.3DS.Max.3.and.9\keygen\XF-AFVS-KG.exe"
06/04/2007 23:41 |Size 34261 |Crc32 345d4a20 |Md5 e15a04d7474525439c450022a8b9b307

"L:\backup fred\programme\internet\3dsmax.9\AF.Tile.v1.4\AF.Tile.v1.4.for.3DS.Max.3.and.9\Crack\XF-AFVS-KG.exe"
06/04/2007 23:41 |Size 34261 |Crc32 345d4a20 |Md5 e15a04d7474525439c450022a8b9b307

"L:\backup fred\programme\internet\3dsmax.9\Brazil RS 1.2.66 for Max9\Crackíí´É1\Brazilíí´É.EXE"
19/02/2004 09:26 |Size 693986 |Crc32 22b66027 |Md5 7f92212c891a884123c4e4c3f9fe2eec

"L:\backup fred\programme\internet\3dsmax.9\Brazil RS 1.2.66 for Max9\Crackíí´É2\sfmgr\sfmgr.exe"
11/02/2004 11:51 |Size 171008 |Crc32 e74e3535 |Md5 f671d90df80ca914d9358ac09cc5afe6

"L:\backup fred\programme\internet\3dsmax.9\DS_2.5c_max9_32Bit\Keygen\turbosquidkg.exe"
09/12/2003 18:30 |Size 53248 |Crc32 22b5a8d1 |Md5 931c01ae8f749c1ddcafbe0d01a79bc8

"L:\backup fred\programme\internet\3dsmax.9\ill54 ®˘÷˘Ñô‘Ûíˆ\Crack\XF-Illustrate-KG.exe"
23/03/2007 18:37 |Size 25669 |Crc32 5bc6bcb4 |Md5 0e724d5a8c55cba4b065a47112bc85a2

"L:\backup fred\programme\internet\3dsmax.9\PBoost_v3\Crack íí´ÉÙÓØ\íí´ÉÙÓØ.exe"
06/04/2007 12:46 |Size 1643197 |Crc32 d3f0dac0 |Md5 d1ea53fc2a334d566f86ec59722dc6c8

"L:\backup fred\programme\internet\3dsmax.9\pb_v30_c\crackíí´É“‡íÊ\CheatEngine43.exe"
17/05/2004 20:50 |Size 2857623 |Crc32 fd641c0d |Md5 3a09da34be8ac872cd6ff3f898fb0f67

"L:\backup fred\programme\internet\3dsmax.9\VRay15RC3max9_32bit\www.51render.com\Crack\Keymaker.exe"
25/06/2005 20:23 |Size 49152 |Crc32 01088e95 |Md5 f9c97851b65dc708139911cba56e27a0

"L:\backup fred\programme\internet\Pc_cloneur_Expert_v8.0.937_Keygen_Only_FRENCH-BS\Pc_cloneur_Expert_v8.0.937_Keygen_Only_FRENCH-BS\pcloneur\BS-pcclone.exe"
11/12/2005 11:47 |Size 138752 |Crc32 b2eeabc4 |Md5 13ce839f94c208c0d65a1e4297b238c4

"L:\backup fred\programme\Pixologic ZBRUSH 2.0 sur t (Ibm-17)\CRACK\PDXKG.exe"
02/04/2004 14:11 |Size 81408 |Crc32 4d16fe89 |Md5 eb2aad9a4fb0b5a96f4477b0806b6e12

"L:\backup fred\programme\swfdec\sothink-1.swf.decompiler.mx.2005.build.41221.crack-rev\sothink.swf.decompiler.mx.2005.build.41221.crack-rev\crack.exe"
09/01/2005 21:34 |Size 24734 |Crc32 8de0c97b |Md5 00da85a6bd6c9ae598854d54ef8d68bd

"C:\Program Files\Autodesk\3dsmax9-keygen.zip"
Contain : max9keygen.exe

"G:\Crack\3dsmax9-keygen.zip"
Contain : max9keygen.exe

"L:\backup fred\programme\internet\Pc_cloneur_Expert_v8.0.937_Keygen_Only_FRENCH-BS.ZIP"
Contain : Pc_cloneur_Expert_v8.0.937_Keygen_Only_FRENCH-BS\pcloneur\BS-pcclone.exe

"L:\backup fred\programme\swfdec\sothink-1.swf.decompiler.mx.2005.build.41221.crack-rev\sothink.swf.decompiler.mx.2005.build.41221.crack-rev.zip"
Contain : crack.exe 24734 DFLT-X 7% 23098 09-01-2005 21:34:56 8de0c97b


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\moi\Bureau\UsbFix_Upload_Me_FJ.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.057 ! |

http://www.cijoint.fr/cjlink.php?file=cj200911/cijGs6SJPA.txt

ok merci



Logfile of random's system information tool 1.06 (written by random/random)
Run by moi at 2009-11-27 12:03:35
Microsoft Windows XP …dition familiale Service Pack 3
System drive C: has 3 GB (9%) free of 29 GB
Total RAM: 1014 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:03:55, on 27/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
C:\Program Files\Freenet\bin\wrapper-windows-x86-32.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\java.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\moi\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\moi.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.net.sy:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\Stopzilla!\Toolbar\SZSG.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\Stopzilla!\Toolbar\SZSG.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE R…SEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: CrÈer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O15 - Trusted Zone: http://www.camiondesmots.com
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - https://www.3ds.com/products-services/3dvia/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://tiragesphoto.fnac.com/
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Bonjour,
je les supprime manuellement ?

par ailleurs j'ai perdu mes droits administrateur (win XP)
et pourtant je suis toujours en administrateur !!
aurais tu une solution ?

merci

j'ai supprimé tous les cracks ... et vidé la poubelle
sauf les deux fichiers que "etat de grace" a trouvé
parcequ'ils sont sur un disque virtuel

en compte utilisateur il y a :
le mien
un autre qui est un compte limité
je viens de creer un compte admin pour faire des tests
et un compte invité qui est desactivé (je ne me rappelle pas l'avoir crée !)

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\cleannavi.txt: trouvÈ !
C:\UsbFix.txt: trouvÈ !
C:\UsbFix: trouvÈ !
C:\Rsit: trouvÈ !
C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\HijackThis: trouvÈ !
C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\HijackThis\HijackThis.lnk: trouvÈ !
C:\Documents and Settings\moi\Bureau\HijackThis.lnk: trouvÈ !
C:\Documents and Settings\moi\Bureau\Navilog1.exe: trouvÈ !
C:\Documents and Settings\moi\Bureau\SmitFraudFix.exe: trouvÈ !
C:\Documents and Settings\moi\Bureau\UsbFix.exe: trouvÈ !
C:\Documents and Settings\moi\Bureau\Rsit.exe: trouvÈ !
C:\Documents and Settings\moi\Bureau\SmitFraudfix: trouvÈ !
C:\Program Files\Navilog1: trouvÈ !
C:\Program Files\Navilog1\Navilog1.bat: trouvÈ !
C:\Program Files\Trend Micro\HijackThis: trouvÈ !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvÈ !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvÈ !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\HijackThis\HijackThis.lnk: supprimÈ !
C:\Documents and Settings\moi\Bureau\HijackThis.lnk: supprimÈ !
C:\Documents and Settings\moi\Bureau\Navilog1.exe: supprimÈ !
C:\Documents and Settings\moi\Bureau\SmitFraudFix.exe: supprimÈ !
C:\Program Files\Navilog1\Navilog1.bat: supprimÈ !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimÈ !
C:\cleannavi.txt: supprimÈ !
C:\UsbFix.txt: supprimÈ !
C:\Documents and Settings\moi\Bureau\UsbFix.exe: supprimÈ !
C:\Documents and Settings\moi\Bureau\Rsit.exe: supprimÈ !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimÈ !
C:\UsbFix: ERREUR DE SUPPRESSION !!
C:\Rsit: supprimÈ !
C:\Documents and Settings\All Users\Menu DÈmarrer\Programmes\HijackThis: supprimÈ !
C:\Documents and Settings\moi\Bureau\SmitFraudfix: supprimÈ !
C:\Program Files\Navilog1: supprimÈ !
C:\Program Files\Trend Micro\HijackThis: supprimÈ !

j'ai réussi à démarrer en mode sans echec avec le nouveau compte admin que je viens de créer
je fais tourner SUPERAntispy... pour etre sur qu'il n'y a plus rien ?

bon je crois que tout est bon
il n'a rien trouvé :)

je te remercie grandement pour ton aide
à bientot