Ordinateur infecté ?

Bonjour, me revoila parmi vous =)

J'explique: ma mère à son PC depuis 3 ans... Il a été "fait" par un "ami" (je n'avais pas à ce moment là aucune connaissance en informatique) qui avait installé des logiciels de tout type, et en plus la plupart étaient craqués..... même l'antivirus.
Donc, ce week-end on a pris la décision de "nettoyer" son ordinateur et le mettre à jour: ainsi on a supprimé les programmes/logiciels qui ne servaient à RIEN et remplacé l'antivirus et l'firewalla... aujourd'hui l'ordinateur semble aller mieux..... Cependant, je crains qu'il soit "infecté".

En fin, j'ai installé:
- Antivir (antivirus)
- PC Tools Firewall Plus
- AVG Anti-Spyware
- Sunbelt Personal Firewall
- Spybot - Search & Destroy
- CCleaner
- HiJackThis

Après avoir lancé (fait fonctionner) ces différents logiciels de sécurité j'ai fait un nettoyage avec CCleaner et un rapport avec HiJackThis.

Voila les rapport d' AntiVir, AVG et HiJackThis:

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

AntiVir PersonalEdition Classic
Report file date: mardi 13 novembre 2007 10:13

Scanning for 835736 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: GROSPC

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 13 novembre 2007 10:13

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'agentsvr.exe' - '1' Module(s) have been scanned
Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'ImApp.exe' - '1' Module(s) have been scanned
Scan process 'PopFilter.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'FirewallGUI.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'dragdiag.exe' - '1' Module(s) have been scanned
Scan process 'VProperty.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'netdde.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'FWService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
41 processes with 41 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '47' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583662.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583663.sys
[DETECTION] Is the Trojan horse TR/Spy.Qukart.S.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583676.exe
[DETECTION] Is the Trojan horse TR/Crypt.l.5.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583681.exe
[DETECTION] Is the Trojan horse TR/Click.Small.HP.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583682.exe
[DETECTION] Is the Trojan horse TR/Click.Small.HP.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583686.exe
[DETECTION] Is the Trojan horse TR/Clicker.Small.HW
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583691.exe
[DETECTION] Contains detection pattern of the worm WORM/Padobot.Z.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583692.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583695.exe
[DETECTION] Is the Trojan horse TR/Spy.Vagon.A.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583696.dll
[DETECTION] Is the Trojan horse TR/Drop.Druser.H.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583697.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.TA.2
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583698.exe
[DETECTION] Is the Trojan horse TR/Crypt.L.gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583699.exe
[DETECTION] Is the Trojan horse TR/Clicker.Small.HW
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583700.exe
[DETECTION] Is the Trojan horse TR/Spy.Vagon.A.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583701.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583702.exe
[DETECTION] Is the Trojan horse TR/Small.bok.1.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583704.exe
[DETECTION] Is the Trojan horse TR/Dldr.Sma.agq.3.A
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583705.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583706.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583707.exe
[DETECTION] Is the Trojan horse TR/Small.bok.1.B
[INFO] The file was deleted!
Begin scan in 'D:\' <DONNEES>
D:\Pinnacle\crack - Hollywood FX Pro v4.6.7.34 .KG.exe
[0] Archive type: RAR SFX (self extracting)
--> keygen.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was deleted!
D:\Power Translator 7\Pw7.ace
[0] Archive type: ACE
--> Iris\DRIVERS\HP\WINNT\C2522\DISK1
[WARNING] Error creating the file
--> Iris\READIRIS\LAYOUT.BIN
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583710.dll
[DETECTION] Is the Trojan horse TR/Drop.Small.aad.3
[INFO] The file was deleted!
D:\System Volume Information\_restore{86A8FEE8-539B-4FE5-B3D9-1D95D4D5795F}\RP75\A0022396.exe
[0] Archive type: RAR SFX (self extracting)
--> keygen.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was deleted!
D:\WIN RAR 3.0\CRACK\WinRar_3-0_All.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.bws.21
[INFO] The file was deleted!


End of the scan: mardi 13 novembre 2007 12:17
Used time: 2:04:19 min

The scan has been done completely.

4604 Scanning directories
220507 Files were scanned
22 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
24 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
220485 Files not concerned
2067 Archives were scanned
7 Warnings
6 Notes

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

AVG Anti-Spyware - Rapport d'analyse


+ Créé à: 15:18:07 13/11/2007

+ Résultat de l'analyse:


HKU\S-1-5-21-515967899-507921405-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A} -> Adware.Virtumonde : Ignoré.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Rar$EX00.125\mpafv11413g crack.exe -> Logger.Banker.zn : Ignoré.
D:\UTIL\Popup Ad Filter\mpafv11413g crack.exe -> Logger.Banker.zn : Ignoré.
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583664.exe -> Not-A-Virus.Downloader.Win32.ImLoader.b : Ignoré.
C:\System Volume Information\_restore{23CD0AD8-467F-4465-B62D-3309BB5EDFD4}\RP674\A0583673.exe -> Not-A-Virus.Downloader.Win32.ImLoader.b : Ignoré.
:mozilla.24:C:\Documents and Settings\PARENTS\Application Data\Mozilla\Firefox\Profiles\83y7gfwa.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\ENFANTS\Cookies\enfants@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Ignoré.
C:\Documents and Settings\ENFANTS\Cookies\enfants@search.msn[2].txt -> TrackingCookie.Msn : Ignoré.

Fin du rapport

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 15:24:57, on 13/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
D:\util\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Philips ToUcam Camera\VProperty.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\UTIL\HP\Digital Imaging\bin\hpqtra08.exe
D:\UTIL\Popup Ad Filter\PopFilter.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\UTIL\Microsoft Office XP\Office10\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Documents and Settings\PARENTS\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://porloschicos.com/PorLosChicos.NET/PorLosChicos.aspx?comando=donar
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ar.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*https://ar.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ar.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://ar.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Systran40perso.IEPlugIn - {D3919E86-D6A5-11D6-AC3E-00B0D094B576} - d:\util\Systran Espagnol\4_0\Personal\IEPlugIn.dll
O3 - Toolbar: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HTML32 Help System] hhs32.pif
O4 - HKLM\..\Run: [HP Software Update] "D:\util\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
O4 - HKLM\..\Run: [AgenteADSL_15] C:\Program Files\Telefonica\KitAIM\AimExDll.exe AimGestA.dll 7
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [cploader.exe] C:\WINDOWS\system32\cploader.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [HTML32 Help System] hhs32.pif
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunServices: [HTML32 Help System] hhs32.pif
O4 - Startup: Raccourci vers PopFilter.lnk = D:\UTIL\Popup Ad Filter\PopFilter.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\UTIL\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\UTIL\Microsoft Office XP\PUBLISHER\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\UTIL\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by18fd.bay18.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtools/programs/hbtools.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://E:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{1872FCF6-BDBC-4F97-8674-BA5A205B24D1}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABF86724-30B9-417E-AD09-4D7F7BDD0916}: NameServer = 85.255.113.132,85.255.112.21
O17 - HKLM\System\CCS\Services\Tcpip\..\{E205EBDB-07DE-40D7-9D39-5C293A0F9B35}: NameServer = 85.255.113.132,85.255.112.21
O17 - HKLM\System\CS1\Services\Tcpip\..\{1872FCF6-BDBC-4F97-8674-BA5A205B24D1}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: mljjh - mljjh.dll (file missing)
O20 - Winlogon Notify: vtsqp - C:\WINDOWS\System32\vtsqp.dll (file missing)
O21 - SSODL: Adobe Photoshop 7.0 - {682F7404-FD33-C7E3-BD49-B1DF23A5E366} - (no file)
O21 - SSODL: System - {F55467F6-9B6A-4A39-9064-F15E5258B716} - ssmc.dll (file missing)
O21 - SSODL: JIBDJDJC - {6F720EFD-19DC-27EC-7023-04F2701A1C14} - (no file)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

Ben, qu'est-ce que vous pouvez me dire sur ces rapports? Il y a quelque chose à faire? Nettoyer? Supprimer?

Merci d'avance

PhotoMartin


PS: j'ai installé aussi Mozilla Firefox et lui ai dit de l'utiliser à la place de IE.