Virus ou pas Résolu

Question

Bonjour,
Suite à la visite de votre site et aux conseils de désinfection je vous signale avoir appliqué la procédure CCleaner puis l'AVG anti spyware dont je colle ci-après le rapport :

-----------
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	21:39:21 26/07/2008

 + Résultat de l'analyse:	



C:\System Volume Information\_restore{4BE0C30C-E663-43CA-B279-5E91062D536D}\RP85\A0050369.exe -> Adware.Gator : Ignoré.
E:\System Volume Information\_restore{4BE0C30C-E663-43CA-B279-5E91062D536D}\RP91\A0065016.exe -> Backdoor.Agent.duj : Ignoré.
E:\System Volume Information\_restore{4BE0C30C-E663-43CA-B279-5E91062D536D}\RP91\A0065015.exe -> Not-A-Virus.Downloader.Win32.ImLoader.e : Ignoré.
:mozilla.93:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.93:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.94:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.94:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.95:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.95:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.285:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.285:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.286:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.286:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.287:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.287:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.288:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.288:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.289:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.289:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.290:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.290:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.291:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.291:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.292:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.292:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.293:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.293:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.294:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.294:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.295:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.295:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.530:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.530:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.624:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.624:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.803:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.803:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.804:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.804:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.805:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.805:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.474:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Adjuggler : Ignoré.
:mozilla.474:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Adjuggler : Ignoré.
:mozilla.475:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Adjuggler : Ignoré.
:mozilla.475:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Adjuggler : Ignoré.
:mozilla.10:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.409:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.409:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.11:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.891:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.891:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.892:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.892:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.893:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.893:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.894:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.894:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.895:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.895:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.916:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.916:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.12:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.798:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Clickhype : Ignoré.
:mozilla.798:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Clickhype : Ignoré.
:mozilla.187:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.187:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.189:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.189:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.190:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.190:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.823:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Dealtime : Ignoré.
:mozilla.823:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Dealtime : Ignoré.
:mozilla.164:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.164:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.445:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.445:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.446:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.446:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.447:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.447:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.448:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.448:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.449:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.449:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Euroclick : Ignoré.
:mozilla.331:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.331:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.668:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.668:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.712:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.712:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.854:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.854:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.341:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
:mozilla.341:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
:mozilla.342:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
:mozilla.342:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
:mozilla.605:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Liveperson : Ignoré.
:mozilla.605:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Liveperson : Ignoré.
:mozilla.616:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Planetactive : Ignoré.
:mozilla.616:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Planetactive : Ignoré.
:mozilla.130:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.130:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.131:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.131:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.136:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.136:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.137:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.137:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Revsci : Ignoré.
:mozilla.562:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.562:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.563:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.563:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.564:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.564:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.565:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.565:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.566:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.566:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.567:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.567:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.568:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.568:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.547:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.547:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.548:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.548:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.15:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.160:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.160:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.161:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.161:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.162:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.162:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.163:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.163:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.16:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.17:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.18:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.852:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.852:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.853:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.853:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Skype : Ignoré.
:mozilla.102:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.102:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.103:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.103:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.105:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.105:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.99:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.99:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.8:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.9:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\7rrxb0wk.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.560:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignoré.
:mozilla.560:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignoré.
:mozilla.274:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.274:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.275:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.275:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.502:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.502:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.503:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.503:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.504:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.504:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.505:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.505:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.535:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.535:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.536:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.536:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.537:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.537:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.538:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.538:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.539:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.539:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.540:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.540:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.541:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.541:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.57:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.57:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.58:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.58:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.595:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.595:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.596:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.596:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.597:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.597:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.598:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.598:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.59:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.59:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.694:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.694:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.695:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.695:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.696:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.696:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.697:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.697:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.698:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.698:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.699:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.699:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.700:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.700:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.701:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.701:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.855:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.855:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.856:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.856:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.857:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.857:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.858:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.858:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.933:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.933:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.934:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.934:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.935:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.935:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.936:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.936:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.403:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Webtrends : Ignoré.
:mozilla.403:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Webtrends : Ignoré.
:mozilla.801:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Yadro : Ignoré.
:mozilla.801:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Yadro : Ignoré.
:mozilla.802:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\cookies.txt -> TrackingCookie.Yadro : Ignoré.
:mozilla.802:H:\RECUP_AMD\Application Data\Mozilla\Firefox\Profiles	04mwrvx.default\cookies.txt -> TrackingCookie.Yadro : Ignoré.
I:\System Volume Information\_restore{53C85A7C-39E3-497C-AAAD-803CCDC8B56C}\RP48\A0014844.exe/aupdate.exe -> Trojan.Monder : Ignoré.


Fin du rapport


----------
Merci de votre aide
Noël

ep44 · Answer

Bonsoir 

ton rapport nous montre des TrackingCookie.
il faut appliquer les actions de suppression 

ensuite si tu veux que l'on pousse la recherche 

1/ Télécharge sur le Bureau HijackThis  

http://download.hijackthis.eu/HJTInstall.exe

* Double-clique sur dessus pour l'installer 

* Laisse le s'installer par défaut 
C:\Program Files\Trend Micro\HijackThis 

* accepte la licence 

* Ferme Hijackthis en cliquant sur la croix-rouge. 

 
2/ Télécharge sur ton Bureau DSS (ex Comboscan) de Deckard:

(choisis enregistrer, puis Bureau comme emplacement)

http://deckard.geekstogo.com/dss.exe

* Ferme toutes les applications en cours.

* Double-clic sur comboscan.exe pour lancer l'outil.

* Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

* A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

Le rapport Comboscan.txt va s'afficher, copie le dans ta prochaine réponse.
Si un rapport complémentaire a été créé, poste le aussi dans ta réponse.

@+

ndubau · Answer

"ton rapport nous montre des TrackingCookie.
il faut appliquer les actions de suppression "
Je ne vois pas dans AVG comment appliquer ces actions ; merci de me l'indiquer.
Noël

ep44 · Answer

tu dois avoir action recommander ensuite tu choisis supprimer 

fait le reste nous verrons par la suite

ndubau · Answer

Bonsoir,
J'avais trouvé entre temps ! Voici le rapport généré par DSS

Deckard's System Scanner v20071014.68
Run by Dubau on 2008-07-26 22:25:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
31: 2008-07-26 20:26:15 UTC - RP108 - Deckard's System Scanner Restore Point
30: 2008-07-25 15:40:02 UTC - RP107 - Opération de restauration
29: 2008-07-24 17:48:22 UTC - RP106 - Point de vérification système
28: 2008-07-23 15:00:07 UTC - RP105 - Opération de restauration
27: 2008-07-22 10:41:51 UTC - RP104 - Point de vérification système


-- First Restore Point -- 
1: 2008-06-30 09:11:33 UTC - RP78 - Installed NDAS Software 3.20.1527


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Dubau.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27:39, on 26/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE
C:\WINDOWS\vsnpstd2.exe
D:\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon03.exe
C:\WINDOWS\system32\hphmon04.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\NDAS\System
dassvc.exe
C:\Program Files\e-Carte Bleue Société Générale\ecbl-sg.exe
C:\Program Files\NDAS\System
dasmgmt.exe
D:\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Dubau\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Dubau.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - d:\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] d:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: e-Carte Bleue Société Générale.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NDAS Device Management.lnk = C:\Program Files\NDAS\System
dasmgmt.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - d:\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - d:\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{548DD908-A421-440A-B81A-334B1AB42192}: NameServer = 212.27.32.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System
dassvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcappcapd.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

ep44 · Answer

Connais tu ceci 

C:\ppwork   

si non fait le vèrifier ici

as tu des soucis particulier avec ton PC ?

ndubau · Answer

Bonsoir,
ppwork est le répertoire de travail de je ne sais quel utilitaire de tt video.

Le souci est venu ce soir alors que mon ordi s'est mis à rebooter sans cesse sans même atteindre l'écran Windows. Pas moyen non plus d'atteindre le mode sans échec. Je n'ai pu redémarrer correctemement que depuis le cd XP auquel j'ai demandé une réparation.
Mais dans ma quête de solution sur ce symptôme j'étais arrivé sur http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr ce qui m'a conduit à poster !
A+

ep44 · Answer

Et bien par forcément du as un souci d'infection 

le rapport que tu ma posté ne donne aucune trace d'infection 
on peut pousser la recherche si tu veux 

Télécharge DiagHelp.zip sur ton bureau http://www.malekal.com/download/DiagHelp.zip
==> Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
==> Un nouveau dossier chercher va être créé DiagHelp
==> Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
==> Une fenêtre va s'ouvrir, choisis l'option 1
==> L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
==> Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
==> Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
==> A nouveau menu Edition / copier
==> Dans un nouveau message ici, faire un clic droit / coller
@+

ndubau · Answer

"le rapport que tu ma posté ne donne aucune trace d'infection
on peut pousser la recherche si tu veux "

Ah, ah ! Là je sens qu'il va y en avoir : Avast me bloque dans cette acquisition car Diaghelp.zip semble infecté par Win32:Trojan-gen {Other}
Tu comprends que je devienne prudent !
Noël

ep44 · Answer

Pas de soucis 

fausse alerte de avast 

continu la manip stp 

Diaghelp est un outils pour faire in listing de ton PC ;)
si avast dérange déconecte toi et désactive avast le temps de faire l'analyse

ndubau · Answer

Bonsoir 
Je n'ai pas eu de rapport à l'issue sinon une archive qui a été transmise via un formulaire...
Bizarre ! Je reprendrai demain le fil !
Bonne nuit !
Noël

ndubau · Answer

Honte à moi de n'avoir pas patienté ! Voici le log !

DiagHelp version v1.4 - http://www.malekal.com
excute le 26/07/2008 à 23:18:06,40

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\VERCLSID.EXE-3B227142.pf -->26/07/2008 23:17:23
C:\WINDOWS\prefetch\CMD.EXE-137A0D53.pf -->26/07/2008 23:16:03
C:\WINDOWS\prefetch\WINWORD.EXE-24B3FA2E.pf -->26/07/2008 22:55:21
C:\WINDOWS\prefetch\THUNDERBIRD.EXE-09CB352D.pf -->26/07/2008 22:49:12
C:\WINDOWS\prefetch\FILEMAKER PRO ADVANCED.EXE-252BC65E.pf -->26/07/2008 22:34:12
C:\WINDOWS\prefetch\FIREFOX.EXE-018A3DCE.pf -->26/07/2008 22:30:19
C:\WINDOWS\prefetch\FIND.EXE-0F127430.pf -->26/07/2008 22:28:25
C:\WINDOWS\prefetch\CSCRIPT.EXE-1CE24927.pf -->26/07/2008 22:28:15
C:\WINDOWS\prefetch\SED.EXE-396D0974.pf -->26/07/2008 22:28:10
C:\WINDOWS\prefetch\FINDSTR.EXE-0BE9F630.pf -->26/07/2008 22:28:06

C:\WINDOWS\System32\drivers\adidsl.cfg -->12/06/2008 17:37:43
C:\WINDOWS\System32\drivers\aswSP.sys -->16/05/2008 01:20:32
C:\WINDOWS\System32\drivers\aswmon2.sys -->16/05/2008 01:18:33
C:\WINDOWS\System32\drivers\aswFsBlk.sys -->16/05/2008 01:16:06
C:\WINDOWS\System32\drivers\aswRdr.sys -->16/05/2008 01:15:29
C:\WINDOWS\System32\drivers\aswTdi.sys -->16/05/2008 01:14:11
C:\WINDOWS\System32\drivers\aavmker4.sys -->16/05/2008 01:13:26

C:\WINDOWS\System32\nvapps.xml -->26/07/2008 19:38:36
C:\WINDOWS\System32\wpa.dbl -->26/07/2008 15:52:16
C:\WINDOWS\System32\jupdate-1.6.0_07-b06.log -->20/07/2008 16:08:44
C:\WINDOWS\System32\FNTCACHE.DAT -->15/07/2008 20:13:06
C:\WINDOWS\System32\uxtheme.dll -->12/07/2008 14:04:38
C:\WINDOWS\System32\divxg400.htm -->05/07/2008 17:02:24
C:\WINDOWS\System32\DivXG400.ax -->05/07/2008 17:02:24
C:\WINDOWS\System32\DivXAF.ax -->05/07/2008 17:02:04
C:\WINDOWS\System32\perfh00C.dat -->30/06/2008 11:13:42
C:\WINDOWS\System32\perfh009.dat -->30/06/2008 11:13:42
C:\WINDOWS\System32\perfc00C.dat -->30/06/2008 11:13:42
C:\WINDOWS\System32\perfc009.dat -->30/06/2008 11:13:42
C:\WINDOWS\System32\PerfStringBackup.INI -->30/06/2008 11:13:40
C:\WINDOWS\System32\jupdate-1.6.0_04-b12.log -->25/06/2008 13:55:06
C:\WINDOWS\System32\omginstlog.txt -->21/06/2008 21:47:15
C:\WINDOWS\System32\ezsidmv.dat -->20/06/2008 12:14:59
C:\WINDOWS\System32\CONFIG.NT -->16/06/2008 14:48:16
C:\WINDOWS\System32\javaws.exe -->10/06/2008 02:32:34
C:\WINDOWS\System32\javacpl.cpl -->10/06/2008 02:32:34
C:\WINDOWS\System32\javaw.exe -->10/06/2008 01:21:04
C:\WINDOWS\System32\java.exe -->10/06/2008 01:21:01
C:\WINDOWS\System32\TZLog.log -->07/06/2008 15:49:19
C:\WINDOWS\System32\spupdwxp.log -->07/06/2008 15:22:33
C:\WINDOWS\System32\brsvc01a.bsi -->06/06/2008 22:06:36
C:\WINDOWS\System32\brss01a.ini -->06/06/2008 22:06:36

C:\WINDOWS\WindowsUpdate.log -->26/07/2008 19:39:24
C:\WINDOWS\wiadebug.log -->26/07/2008 19:39:13
C:\WINDOWS\wiaservc.log -->26/07/2008 19:39:03
C:\WINDOWS\bootstat.dat -->26/07/2008 19:38:10
C:\WINDOWS\SchedLgU.Txt -->26/07/2008 17:16:17
C:\WINDOWS\hpfsched.ini -->26/07/2008 07:52:26
C:\WINDOWS\NeroDigital.ini -->17/07/2008 08:54:36
C:\WINDOWS\BricoPackUninst.txt -->12/07/2008 14:04:39
C:\WINDOWS\BricoPackUninst.cmd -->12/07/2008 14:04:39
C:\WINDOWS\BricoPackFoldersDelete.cmd -->12/07/2008 14:04:39
C:\WINDOWS\BricoPack Wallpaper.bmp -->12/07/2008 13:50:32
C:\WINDOWS\win.ini -->10/07/2008 14:44:01
C:\WINDOWS\IPUI_DivXG400.exe -->05/07/2008 17:02:25
C:\WINDOWS\WMSysPr9.prx -->05/07/2008 11:53:30
C:\WINDOWS\BRWMARK.INI -->05/07/2008 09:10:18

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 1792
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16640 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16640 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x10000000 0x23000 2.00.0000.0000 C:\Program Files\Fichiers communs\Mediafour\MACVICON.DLL
0x4c5a0000 0x18000 9.00.0000.4503 C:\PROGRA~1\WINDOW~2\wmpband.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16640 C:\WINDOWS\system32\ieframe.dll
0x44160000 0x127000 7.00.6000.16640 C:\WINDOWS\system32\urlmon.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x442b0000 0x3c000 7.00.6000.16640 C:\WINDOWS\system32\webcheck.dll
0x00c90000 0x6000 d:\Unlocker\UnlockerCOM.dll
0x01d50000 0x1b000 6.00.0000.0000 C:\Program Files\Fichiers communs\Mediafour\MACFRESV.DLL
0x02180000 0x16000 6.00.0002.0000 C:\WINDOWS\system32\MACDRAPI.DLL
0x021f0000 0x14000 6.00.0000.0000 C:\Program Files\Fichiers communs\Mediafour\1033\MACFRESV.DL_
0x02220000 0x1f000 6.00.0002.0000 C:\Program Files\Fichiers communs\Mediafour\MACFARCH.DLL
0x00bd0000 0x15000 5.00.0000.0005 C:\Program Files\Fichiers communs\Mediafour\1033\MACFARCH.DL_
0x16200000 0x6000 4.01.0000.0000 D:\WINZIP\WZSHLSTB.DLL
0x02310000 0x4000 D:\Unlocker\UnlockerHook.dll
0x64f00000 0x12000 4.08.1201.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll
0x02920000 0x50000 1.00.0000.0847 D:\ABBYY PDF Transformer 1.0\PDFShellExtension.dll
0x4eb80000 0x1a6000 5.01.3102.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll
0x02cb0000 0x185000 1.05.0000.0011 d:\SPYBOT~1\SDHelper.dll
0x43ff0000 0xa000 7.00.6000.16640 C:\WINDOWS\system32\jsproxy.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x015e0000 0x1b000 6.00.0002.0000 C:\Program Files\Fichiers communs\Mediafour\MACFPROP.DLL
0x025a0000 0x14000 5.00.0000.0007 C:\Program Files\Fichiers communs\Mediafour\1033\MACFPROP.DL_
0x61310000 0x54000 2.00.0500.0000 D:\OpenOffice.org 2.4\program\shlxthdl.dll
0x7c340000 0x56000 7.10.3052.0004 D:\OpenOffice.org 2.4\program\MSVCR71.dll
0x60e20000 0x8e000 4.05.2003.0120 D:\OpenOffice.org 2.4\program\stlport_vc7145.dll
0x7c3a0000 0x7b000 7.10.3077.0000 D:\OpenOffice.org 2.4\program\MSVCP71.dll
0x67080000 0x1c000 3.00.0011.0001 D:\FileZilla\FileZilla FTP Client\fzshellext.dll
0x01660000 0x6000 6.00.0001.0000 C:\Program Files\Mediafour\MacDrive\1033\MDVOLSEL.DL_
0x02f10000 0x6000 6.00.0000.0000 C:\Program Files\Mediafour\MacDrive\1033\MDFNAMES.DL_
0x086d0000 0x246000 10.00.0000.3802 C:\WINDOWS\system32\wmvcore.dll
0x070d0000 0x3a000 10.00.0000.3802 C:\WINDOWS\system32\WMASF.DLL
0x00960000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
0x41f00000 0x7000 1.01.0000.3917 C:\WINDOWS\system32\asfsipc.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.16599 C:\WINDOWS\system32\wshext.dll

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 860
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x10000000 0x10000 1.00.0000.0000 C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\WINDOWS\system

10/09/1999 12:06 4 672 WOWPOST.EXE
1 fichier(s) 4 672 octets
0 Rép(s) 14 083 055 616 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\WINDOWS\system32

14/04/2008 04:33 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 14 083 055 616 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\WINDOWS\Downloaded Program Files

26/07/2008 22:27 <REP> .
26/07/2008 22:27 <REP> ..
06/06/2008 19:29 65 desktop.ini
26/07/2002 07:13 24 576 dwusplay.dll
26/07/2002 07:13 196 608 dwusplay.exe
17/02/2005 07:15 401 408 isusweb.dll
24/03/2008 19:18 247 swflash.inf
30/07/2007 19:24 293 wuweb.inf
6 fichier(s) 623 197 octets

Total des fichiers listés :
6 fichier(s) 623 197 octets
2 Rép(s) 14 083 055 616 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..

Liste des fichiers en exception sur le pare-feu XP SP2

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\\eMule\\emule.exe"="D:\\eMule\\emule.exe:*:Enabled:eMule"
"D:\\FileMaker Pro 9 Advanced\\FileMaker Pro Advanced.exe"="D:\\FileMaker Pro 9 Advanced\\FileMaker Pro Advanced.exe:*:Enabled:FileMaker Pro Advanced"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"D:\\VideoSpin\\Programs\\RM.exe"="D:\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"D:\\VideoSpin\\Programs\\PMSRegisterFile.exe"="D:\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"D:\\VideoSpin\\Programs\\umi.exe"="D:\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"D:\\VideoSpin\\Programs\\VideoSpin.exe"="D:\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
127.0.0.1 www.activexupdate.com
127.0.0.1 activexupdate.com
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywareupdates.net
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 client.exeupdate.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exeupdate.com
127.0.0.1 www.flwupdate.com
127.0.0.1 flwupdate.com
127.0.0.1 www.hotwinupdates.com
127.0.0.1 hotwinupdates.com
127.0.0.1 www.lavasoftupdate.com
127.0.0.1 lavasoftupdate.com
127.0.0.1 www.malwarewipeupdate.com
127.0.0.1 malwarewipeupdate.com
127.0.0.1 www.msupdate.net
127.0.0.1 msupdate.net
127.0.0.1 www.msupdater.net
127.0.0.1 msupdater.net
127.0.0.1 www.necessaryupdates.com
127.0.0.1 necessaryupdates.com
127.0.0.1 newupdates.lzio.com
127.0.0.1 redirect.msupdate.net
127.0.0.1 search.keyword.exeupdate.com
127.0.0.1 www.securityupdatesite.com
127.0.0.1 securityupdatesite.com
127.0.0.1 settings.updatemysettings.com
127.0.0.1 www.spyaxeupdate.com
127.0.0.1 spyaxeupdate.com
127.0.0.1 www.spyfalconupdate.com
127.0.0.1 spyfalconupdate.com
127.0.0.1 www.systemupdates.net
127.0.0.1 systemupdates.net
127.0.0.1 trial.updates.winsoftware.com
127.0.0.1 update.680180.net
127.0.0.1 update.shareaza.com
127.0.0.1 www.updatemysettings.com
127.0.0.1 updatemysettings.com
127.0.0.1 updates.spywarequake.com
127.0.0.1 www.urgentsystemupdate.biz
127.0.0.1 urgentsystemupdate.biz
127.0.0.1 www.urgentsystemupdate.com
127.0.0.1 urgentsystemupdate.com
127.0.0.1 windupdates.com
127.0.0.1 www.pandaantivirus-2007.com
127.0.0.1 pandaantivirus-2007.com
127.0.0.1 www.pandadownload-now.com
127.0.0.1 pandadownload-now.com
127.0.0.1 www.panda-hq.com
127.0.0.1 panda-hq.com
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-26 23:19:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000001cc
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1A9FFE51-6672-C1E1-56B9-068EDF0DBC95}]
"iafalfnckflbgfemde"=hex:6a,61,69,6a,70,6b,61,6a,6b,63,66,65,69,6c,69,63,61,64,61,6f,00,..
"hadbneagjgomlajj"=hex:6a,61,69,6a,70,6b,61,6a,6b,63,66,65,69,6c,69,63,61,64,61,6f,00,..

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
260 - BRSS01A.EXE
264 - spoolsv.exe
608 - cmd.exe
656 - ashDisp.exe
832 - csrss.exe
860 - winlogon.exe
908 - services.exe
920 - lsass.exe
1036 - hphmon04.exe
1080 - svchost.exe
1116 - ctfmon.exe
1152 - TeaTimer.exe
1188 - svchost.exe
1284 - svchost.exe
1336 - svchost.exe
1400 - msmsgs.exe
1428 - nvsvc32.exe
1432 - ndassvc.exe
1460 - VeohClient.exe
1464 - vsnpstd2.exe
1480 - thunderbird.exe
1636 - ecbl-sg.exe
1696 - ashServ.exe
1736 - ndasmgmt.exe
1776 - alg.exe
1792 - explorer.exe
2144 - svchost.exe
2168 - avgas.exe
2480 - guard.exe
2996 - ashMaiSv.exe
3052 - ashWebSv.exe
3324 - hphipm11.exe

Total number of processes = 33
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntoskrnl.exe
806EE000 - \WINDOWS\system32\hal.dll
F7AEF000 - \WINDOWS\system32\KDCOM.DLL
F79FF000 - \WINDOWS\system32\BOOTVID.dll
F759F000 - ACPI.sys
F7AF1000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
F758E000 - pci.sys
F75EF000 - isapnp.sys
F75FF000 - ohci1394.sys
F760F000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
F7AF3000 - viaide.sys
F786F000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F761F000 - MountMgr.sys
F756F000 - ftdisk.sys
F7AF5000 - dmload.sys
F7549000 - dmio.sys
F762F000 - sbp2port.sys
F7877000 - PartMgr.sys
F763F000 - VolSnap.sys
F7531000 - atapi.sys
F751E000 - viamraid.sys
F7506000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
F764F000 - iteraid.sys
F787F000 - MDPMGRNT.sys
F765F000 - disk.sys
F766F000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F74E6000 - fltmgr.sys
F74D4000 - sr.sys
F767F000 - PxHelp20.sys
F74BD000 - KSecDD.sys
F7430000 - Ntfs.sys
F7403000 - NDIS.sys
F768F000 - lpx.sys
F7887000 - \WINDOWS\system32\DRIVERS\TDI.SYS
F769F000 - uagp35.sys
F788F000 - viaagp1.sys
F73E9000 - Mup.sys
F73AC000 - lfsfilt.sys
F781F000 - \SystemRoot\system32\DRIVERS\amdk7.sys
F66DD000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
F66C9000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F782F000 - \SystemRoot\system32\DRIVERS\nic1394.sys
F783F000 - \SystemRoot\system32\DRIVERS\imapi.sys
F7AB3000 - \SystemRoot\system32\drivers\pfc.sys
F784F000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F785F000 - \SystemRoot\system32\DRIVERS\redbook.sys
F66A6000 - \SystemRoot\system32\DRIVERS\ks.sys
F78FF000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
F6682000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F7907000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F76CF000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
F790F000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F7917000 - \SystemRoot\system32\DRIVERS\fdc.sys
F6671000 - \SystemRoot\system32\DRIVERS\serial.sys
F7ABB000 - \SystemRoot\system32\DRIVERS\serenum.sys
F665D000 - \SystemRoot\system32\DRIVERS\parport.sys
F65C6000 - \SystemRoot\system32\drivers\ALCXWDM.SYS
F65A2000 - \SystemRoot\system32\drivers\portcls.sys
F6B3D000 - \SystemRoot\system32\drivers\drmk.sys
F6540000 - \SystemRoot\system32\drivers\ALCXSENS.SYS
F6B2D000 - \SystemRoot\system32\DRIVERS\fetnd5b.sys
F7C29000 - \SystemRoot\system32\DRIVERS\audstub.sys
F6B1D000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
F7ABF000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
F6501000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F6B0D000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F6AFD000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F64F0000 - \SystemRoot\system32\DRIVERS\psched.sys
F6AED000 - \SystemRoot\system32\DRIVERS\msgpc.sys
F791F000 - \SystemRoot\system32\DRIVERS\ptilink.sys
F7927000 - \SystemRoot\system32\DRIVERS\raspti.sys
F64C0000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
F6ADD000 - \SystemRoot\system32\DRIVERS\termdd.sys
F792F000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F64A9000 - \SystemRoot\system32\DRIVERS\mcdbus.sys
F7B0D000 - \SystemRoot\system32\DRIVERS\swenum.sys
F644B000 - \SystemRoot\system32\DRIVERS\update.sys
F7ADF000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
F643A000 - \SystemRoot\system32\DRIVERS\ndasbus.sys
F6ACD000 - \SystemRoot\System32\Drivers\NDProxy.SYS
F6ABD000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F7B0F000 - \SystemRoot\system32\DRIVERS\USBD.SYS
F793F000 - \SystemRoot\system32\DRIVERS\flpydisk.sys
F7B11000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7C11000 - \SystemRoot\System32\Drivers\Null.SYS
F7B13000 - \SystemRoot\System32\Drivers\Beep.SYS
F794F000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F7957000 - \SystemRoot\System32\drivers\vga.sys
F7B15000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F7B17000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F795F000 - \SystemRoot\System32\Drivers\Msfs.SYS
F7967000 - \SystemRoot\System32\Drivers\Npfs.SYS
F7AA3000 - \SystemRoot\system32\DRIVERS\rasacd.sys
F526E000 - \SystemRoot\system32\DRIVERS\ipsec.sys
F5215000 - \SystemRoot\system32\DRIVERS\tcpip.sys
F76DF000 - \SystemRoot\System32\Drivers\aswTdi.SYS
F514D000 - \SystemRoot\system32\DRIVERS\netbt.sys
F512B000 - \SystemRoot\System32\drivers\afd.sys
F76EF000 - \SystemRoot\system32\DRIVERS\netbios.sys
F5100000 - \SystemRoot\system32\DRIVERS\rdbss.sys
F50A6000 - \??\C:\WINDOWS\system32\DRIVERS\ndasfat.sys
F5036000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
F5003000 - \SystemRoot\System32\Drivers\MDFSYSNT.SYS
F76FF000 - \SystemRoot\System32\Drivers\Fips.SYS
F4FDD000 - \SystemRoot\system32\DRIVERS\ipnat.sys
F770F000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F771F000 - \SystemRoot\system32\DRIVERS\arp1394.sys
F6528000 - \SystemRoot\system32\DRIVERS\hidusb.sys
F772F000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
F7977000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
F7987000 - \SystemRoot\System32\drivers\hphius11.sys
F4F9E000 - \SystemRoot\System32\Drivers\aswSP.SYS
F798F000 - \SystemRoot\System32\Drivers\ASPI32.SYS
F6520000 - \SystemRoot\system32\DRIVERS\usbscan.sys
F651C000 - \SystemRoot\system32\DRIVERS\mouhid.sys
F775F000 - \SystemRoot\system32\DRIVERS\hphid411.sys
F799F000 - \SystemRoot\System32\Drivers\Aavmker4.SYS
F642E000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
F4F7A000 - \SystemRoot\System32\Drivers\Fastfat.SYS
F777F000 - \SystemRoot\System32\Drivers\hphs2k11.sys
F6426000 - \SystemRoot\system32\DRIVERS\hphipr11.sys
F779F000 - \SystemRoot\System32\Drivers\Cdfs.SYS
F4F62000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F7B39000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
F7A9F000 - \SystemRoot\System32\drivers\Dxapi.sys
F79C7000 - \SystemRoot\System32\watchdog.sys
BF000000 - \SystemRoot\System32\drivers\dxg.sys
F7D20000 - \SystemRoot\System32\drivers\dxgthk.sys
BF012000 - \SystemRoot\System32\nv4_disp.dll
F79CF000 - \SystemRoot\system32\DRIVERS\aswFsBlk.sys
BA6BC000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
BA06A000 - \SystemRoot\System32\Drivers\aswMon2.SYS
B9E9D000 - \SystemRoot\system32\drivers\wdmaud.sys
BA650000 - \SystemRoot\system32\drivers\sysaudio.sys
B9A10000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
F79EF000 - \SystemRoot\System32\drivers\BrPar.sys
F7B27000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B9504000 - \SystemRoot\System32\Drivers\Stltrk2k.SYS
B942E000 - \SystemRoot\system32\DRIVERS\srv.sys
B8C7A000 - \SystemRoot\System32\Drivers\HTTP.sys
B8DDE000 - \SystemRoot\System32\Drivers\aswRdr.SYS
F7947000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
F7C14000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
B5F95000 - \SystemRoot\system32\drivers\kmixer.sys
F7C6E000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

Total number of drivers = 146

Liste des programmes installes

ABBYY PDF Transformer 1.0
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Photoshop CS
Ahead NeroVision Express
AsfTools 3.1 (remove only)
Audacity 1.2.6
avast! Antivirus
AVG Anti-Spyware 7.5
Brother HL-1430
CCleaner (remove only)
CDex extraction audio
Correctif pour Windows Internet Explorer 7 (KB947864)
CursorXP
DivX 5.0.2 Bundle
DivX Codec 3.1alpha release
DivXG400
DVD Shrink 3.2
DVD Solution
e-Carte Bleue Société Générale
Ecrivons
EVEREST Home Edition v2.20
eXPert PDF 4
FileMaker Developer 6
FileMaker Pro 9 Advanced
FileZilla Client 3.0.11.1
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
hp photosmart série printer (Supprimer uniquement)
iColorFolder
ITE 8212 Controller
Java(TM) 6 Update 7
MacDrive 6
Magic ISO Maker v5.5 (build 0261)
MagicDisc 2.5.79
Medi@Show
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Professional
Mise à jour de sécurité pour Windows XP (KB923789)
Mise à jour pour Windows XP (KB942763)
Morgan Stream Switcher
Mozilla Firefox (3.0.1)
Mozilla Thunderbird (2.0.0.16)
Multimedia Launcher
NDAS Software 3.20.1527
Nero OEM
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
OpenMG Secure Module 4.7.00
OpenOffice.org 2.4
Package de pilotes Windows - ITE Tech. Inc. (iteraid) SCSIAdapter (09/17/2007 1.7.2.9)
Passware Kit Enterprise 8.3
PhotoFiltre
Photosmart 130,230,7150,7345,7350,7550 (Supprimer uniquement)
Pinnacle VideoSpin
PowerDVD
PowerProducer
QuarkXPress 6.0 Demo
QuickTime Alternative 2.6.0
Real Alternative 1.7.5
RealProducer Plus 10
Realtek AC'97 Audio
Rippack v3 beta 16.1
Riva FLV Encoder 2.0
SAGEM F@st 800-840
Sarbacane 3
Serials 2000 7.1+
Skype™ 3.8
SonicStage 4.3
Spybot - Search & Destroy
Todae - Live Media
Trust WB-3400T Webcam
Universal Extractor 1.5
Unlocker 1.8.7
VeohTV BETA
VeohTV BETA
VideoLAN VLC media player 0.8.6c
WebFldrs XP
Win NMD 1.3
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows XP Service Pack 3
WinPcap 4.0.2
WinZip
WM Recorder 11.0
ZiO SmartMedia Adapter Ver 2.00

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\Program Files

26/07/2008 22:21 <REP> .
26/07/2008 22:21 <REP> ..
16/06/2008 06:42 <REP> Ahead
06/06/2008 19:53 <REP> Alwil Software
19/06/2008 08:53 <REP> AsfTools 3.1
06/06/2008 22:06 <REP> Brother
06/06/2008 22:06 <REP> Brownie
26/07/2008 20:02 <REP> CCleaner
06/06/2008 19:26 <REP> ComPlus Applications
12/07/2008 14:32 <REP> CursorXP
05/07/2008 16:10 <REP> CyberLink
05/07/2008 16:10 <REP> CyberLink DVD Solution
06/06/2008 20:14 <REP> DIFX
16/06/2008 08:13 <REP> directx
05/07/2008 17:39 <REP> DivX
16/06/2008 11:10 <REP> e-Carte Bleue Société Générale
14/07/2008 16:58 <REP> Ecrivons
24/07/2008 20:19 <REP> Fichiers communs
18/07/2008 15:59 <REP> FileMaker Pro 9 Advanced
26/06/2008 08:27 <REP> Goto software
26/07/2008 20:14 <REP> Grisoft
21/07/2008 16:42 <REP> hp photosmart
26/07/2008 07:50 <REP> HP Photosmart 11
12/07/2008 14:08 <REP> iColorFolder
12/07/2008 14:37 <REP> Internet Explorer
05/07/2008 13:55 <REP> ISOpen
06/06/2008 20:14 <REP> ITE
20/07/2008 16:08 <REP> Java
16/06/2008 15:21 <REP> KeyMap
17/06/2008 12:16 <REP> Lavalys
05/07/2008 13:43 <REP> MagicDisc
08/07/2008 12:13 <REP> Mediafour
07/06/2008 14:56 <REP> Messenger
07/06/2008 11:16 <REP> microsoft frontpage
25/07/2008 17:41 <REP> Microtech
05/07/2008 16:01 <REP> Morgan
12/07/2008 14:37 <REP> Movie Maker
07/06/2008 08:21 <REP> MSN
06/06/2008 19:25 <REP> MSN Gaming Zone
30/06/2008 11:11 <REP> NDAS
07/06/2008 14:59 <REP> NetMeeting
06/06/2008 19:25 <REP> Online Services
12/07/2008 14:37 <REP> Outlook Express
29/06/2008 19:59 <REP> Pinnacle
16/06/2008 09:20 <REP> QuickTime Alternative
15/06/2008 16:43 <REP> Real Alternative
12/07/2008 14:03 <REP> RK Launcher
12/06/2008 17:37 <REP> SAGEM
06/06/2008 19:28 <REP> Services en ligne
20/06/2008 12:12 <REP> Skype
21/06/2008 21:47 <REP> Sony
26/07/2008 22:21 <REP> Trend Micro
12/07/2008 17:50 <REP> Trust
23/10/2003 17:52 40 960 Uninstall_CDS.exe
18/07/2008 16:15 <REP> Universal Extractor
14/06/2008 19:36 <REP> uTorrent
15/07/2008 12:33 <REP> Veoh Networks
06/06/2008 22:30 <REP> Visagesoft
26/06/2008 13:09 <REP> Win NMD
12/07/2008 14:37 <REP> Windows Media Player
07/06/2008 14:59 <REP> Windows NT
30/06/2008 11:10 <REP> WinPcap
06/06/2008 19:36 <REP> xerox
1 fichier(s) 40 960 octets
62 Rép(s) 14 082 764 800 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\Program Files\fichiers communs

24/07/2008 20:19 <REP> .
24/07/2008 20:19 <REP> ..
17/06/2007 19:47 <REP> Adobe
08/06/2008 15:58 <REP> Adobe Systems Shared
06/06/2008 20:56 <REP> Ahead
07/06/2008 11:21 <REP> Designer
28/06/2008 15:29 <REP> InstallShield
20/07/2008 16:07 <REP> Java
07/06/2008 18:20 <REP> Macrovision Shared
08/07/2008 12:13 <REP> Mediafour
01/07/2008 17:26 <REP> Microsoft Shared
06/06/2008 19:27 <REP> MSSoap
07/06/2008 08:19 <REP> ODBC
25/07/2008 17:41 <REP> SCM
06/06/2008 19:27 <REP> Services
20/06/2008 12:12 <REP> Skype
21/06/2008 21:47 <REP> Sony Shared
06/06/2008 21:13 <REP> SpeechEngines
08/07/2008 16:07 <REP> SWF Studio
12/07/2008 14:36 <REP> System
01/07/2008 08:47 <REP> Yahoo!
0 fichier(s) 0 octets
21 Rép(s) 14 082 764 800 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

01/07/2008 17:26 <REP> .
01/07/2008 17:26 <REP> ..
01/07/2008 17:20 <REP> 1036
26/10/2006 19:49 970 528 MSONSEXT.DLL
03/06/1999 12:09 122 937 MSOWS409.DLL
07/03/2001 07:00 127 033 MSOWS40c.DLL
18/03/1999 06:37 593 977 RAGENT.DLL
4 fichier(s) 1 814 475 octets
3 Rép(s) 14 082 764 800 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\

26/01/2008 17:21 155 648 ndasscan.exe
1 fichier(s) 155 648 octets
0 Rép(s) 14 082 764 800 octets libres

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 581D-04A8

Répertoire de C:\

c:\Documents and Settings\Dubau\Bureau\dss.exe
c:\Documents and Settings\Dubau\Bureau\Mediator4-internet.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\catchme.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\diff.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\dumphive.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\find2.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\Fport.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\grep.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\gzip.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\KProcCheck.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\LFiles.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\md5sums.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\pslist.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\sigcheck.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\streams.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\swreg.exe
c:\Documents and Settings\Dubau\Bureau\diag\DiagHelp\tar.exe
c:\Documents and Settings\Dubau\Bureau\zio\ZSM\LAUNCH.EXE
c:\Documents and Settings\Dubau\Bureau\zio\ZSM\Setup.exe
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\components\piclensstub.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\libs\avcodec-51.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\libs\avformat-52.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\libs\avutil-49.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\libs\freetype.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\libs\piclens18.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\libs\piclens19.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com\libs\pixomatic.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com-trash\components\piclensstub.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\e3qaxzbp.default\extensions\piclens@cooliris.com-trash\libs\piclens19.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\components\piclensstub.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\libs\avcodec-51.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\libs\avformat-52.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\libs\avutil-49.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\libs\freetype.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\libs\piclens18.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\libs\piclens19.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com\libs\pixomatic.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com-trash\components\piclensstub.dll
c:\Documents and Settings\Dubau\Application Data\Mozilla\Firefox\Profiles\t04mwrvx.default\extensions\piclens@cooliris.com-trash\libs\piclens18.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_AMD2500.tar.gz a l'adresse http://upload.malekal.com

ep44 · Answer

Et bien ton Pc semble propre 

peut-être un petit nettoyage ne lui ferais pas de mal 
par contre je ne sais pas pourquoi tu as du passer par la réparation Windows pour redémarrer 
peut-être le fichiers boot as sauté ?

pour ce qui est du nettoyage 

Télécharge ATF Cleaner par Atribune.
http://www.atribune.org/ccount/click.php?id=1

      Double-clique ATF-Cleaner.exe afin de lancer le programme.
      Sous l'onglet Main, choisis : Select All
      Clique sur le bouton Empty Selected

  ensuite tu peux visiter mes tutos sur la sécurité et protections 
http://www.swl1f.net/viewforum.php?f=14

@+

ndubau · Answer

Bonjour,
La bête a été docile et redémarré correctement ce matin ! J'ai également appliqué ta dernière prescription.
Merci encore de ton aide : je visiterai tes pages mais je doute que mes compétences me permettent d'agir seul en la matière !
Bon dimanche
Noël

ep44 · Answer

Bonjour 

ok content pour toi 
et n'hésite pas ;)

@+

Virus ou pas

14 réponses

Votre réponse

Discussions similaires

Newsletters