Virus Internet Security 2010 (pour changer..)

Désolé, voilà j'espère que c'est bon :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:59, on 2010-02-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1201938184&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855&lc=1033
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.myheritage.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A6F4B83-45C5-4CA9-BDD9-0D81C12295E4} (Microsoft RDP Client Control (redist)) - http://univ-r.u-strasbg.fr/TSWeb/msrdp.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

mais je viens de le faire avec la version 1,44, dernière en date apparemment...

Bon, je crois que c'est la même version que juste avant ms ça semble être la dernière :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:19, on 2010-02-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6A6F4B83-45C5-4CA9-BDD9-0D81C12295E4} (Microsoft RDP Client Control (redist)) - http://univ-r.u-strasbg.fr/TSWeb/msrdp.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

Faut pas m'en vouloir je suis un peu limité... c'est en cours..

Voilà, le scan est (enfin) terminé :


Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3510
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

2010-02-14 16:12:50
mbam-log-2010-02-14 (16-12-48).txt

Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|I:\|)
Eléments examinés: 180228
Temps écoulé: 42 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Mais je l'ai fait j'ai téléchargé la dernière version. Je sais vraiment plus quoi faire, c'est un scan qui a duré 40 min !!

Merci. Le pb c'est surtout que je n'ai plus accès à internet sur le pc infecté d'où la nécessité de jongler avec une clé usb. Dois-je efectuer un scan minutieux à nouveau ?

Non pas encore. comment faire ?

Voilà c'est fait. Je refais un scan Malewarebyte's ?

minutieux ?

Le voici :

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 05.02.2010 à 17:34
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 16:45:12, 2010-02-14 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: MOCHEL-8DD2DDFD | Utilisateur actuel: Sarselle
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.


(!) -- Fichiers temporaires supprimés.

.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
HKLM\software\classes\ComObject.DeskbarEnabler
HKLM\software\classes\ComObject.DeskbarEnabler.1
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.17 [fr] *
.
Nom du profil: i2hlquxr.default (Sarselle)
.
(Sarselle, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Sarselle\Bureau
(Sarselle, prefs.js) Browser.search.defaultenginename, Google
(Sarselle, prefs.js) Browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q=
(Sarselle, prefs.js) Browser.search.selectedEngine, Chercher
(Sarselle, prefs.js) Browser.startup.homepage, hxxp://search.myheritage.com/
(Sarselle, prefs.js) Extensions.enabledItems, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.17
(Sarselle, prefs.js) Keyword.URL, hxxp://search.myheritage.com/?orig=ds&q=
.
(Sarselle, prefs.js) EFFACE - Browser.search.defaultthis.engineName, BS_Player Customized Web Search
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var1, %26todaySortedDate%3D200911140%26lastRefreshTime%3D04%3A21
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var10, 0
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var2, FR
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var3, 0
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var4, Yes
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var5, 1
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var6, Yes
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var7, 1.288
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var8, FF4-06-04-109
(Sarselle, prefs.js) EFFACE - Family_toolbar.Var9, 0
(Sarselle, prefs.js) EFFACE - Family_toolbar.cache.tbs_include_xml_008658, 6/4/14/10/109
(Sarselle, prefs.js) EFFACE - Family_toolbar.firstlaunch, 0
(Sarselle, prefs.js) EFFACE - Family_toolbar.guid, %7B5A8833CE-6B0E-9827-A1C5-3BB7FC254CCD%7D
(Sarselle, prefs.js) EFFACE - Family_toolbar.popupblockedcnt, 6
(Sarselle, prefs.js) EFFACE - Family_toolbar.stored_historySearch_Combo, ////super%20u%20hoenheim////le%20bugue////sans%20plomb%2095////%20aramis%20strasbourg
.
.
* Internet Explorer Version 7.0.5730.11 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1 (0x1)
Enable Browser Extensions: yes
Use Search Asst: no
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search Bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Sarselle\Application Data\BSplayer\AC3 Filter\dialog_patch.exe
.
===================================
.
4077 Octet(s) - C:\Ad-Report-CLEAN[1].log
507 Octet(s) - C:\Ad-Report-SCAN[1].log
.
1132 Fichier(s) - C:\DOCUME~1\Sarselle\LOCALS~1\Temp
127 Fichier(s) - C:\WINDOWS\Temp
0 Fichier(s) - C:\WINDOWS\Prefetch
.
18 Fichier(s) - C:\Ad-Remover\BACKUP
0 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 16:48:26 | 2010-02-14 - CLEAN[1]
.
============== E.O.F ==============
.

Voilà:

############################## | UsbFix V6.094 |

User :
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:29:08 | 2010-02-14
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) D CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886476 [ Enabled | Updated ]

C:\ -> Disque fixe local # 293.45 Go (147.5 Go free) # NTFS
D:\ -> Disque amovible
E:\ -> Disque amovible
F:\ -> Disque amovible # 1.89 Go (649.75 Mo free) [LEXAR] # FAT
G:\ -> Disque amovible
H:\ -> Disque CD-ROM
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exhttp:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.myheritage.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A

############################## | UsbFix V6.094 |

User : Sarselle (Administrateurs) # MOCHEL-8DD2DDFD
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:29:08 | 2010-02-14
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) D CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886476 [ Enabled | Updated ]

C:\ -> Disque fixe local # 293.45 Go (147.5 Go free) # NTFS
D:\ -> Disque amovible
E:\ -> Disque amovible
F:\ -> Disque amovible # 1.89 Go (649.75 Mo free) [LEXAR] # FAT
G:\ -> Disque amovible
H:\ -> Disque CD-ROM
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exhttp:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.myheritage.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A

Je retente un copier/coller après avoir refait le scan, je ne peux pas transférer cijoint sur clé :



############################## | UsbFix V6.094 |

User : Sarselle (Administrateurs) # MOCHEL-8DD2DDFD
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:43:55 | 2010-02-14
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) D CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886476 [ Enabled | Updated ]

C:\ -> Disque fixe local # 293.45 Go (147.5 Go free) # NTFS
D:\ -> Disque amovible
E:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque CD-ROM
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Elements infectieux |


################## | Registre |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{3848875e-4f0d-11dc-bc6f-00123fc65c3c}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ClIENT.Exe

HKCU\..\..\Explorer\MountPoints2\{40309bb8-9dfe-11de-8f08-000e9b8f3347}
Shell\AutoRun\command =F:\WDSetup.exe

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné !

################## | ! Fin du rapport # UsbFix V6.094 ! |

Je retente un copier/coller après avoir refait le scan, je ne peux pas transférer cijoint sur clé :



############################## | UsbFix V6.094 |

User : Sarselle (Administrateurs) # MOCHEL-8DD2DDFD
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:43:55 | 2010-02-14
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) D CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886476 [ Enabled | Updated ]

C:\ -> Disque fixe local # 293.45 Go (147.5 Go free) # NTFS
D:\ -> Disque amovible
E:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque CD-ROM
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Elements infectieux |


################## | Registre |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{3848875e-4f0d-11dc-bc6f-00123fc65c3c}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ClIENT.Exe

HKCU\..\..\Explorer\MountPoints2\{40309bb8-9dfe-11de-8f08-000e9b8f3347}
Shell\AutoRun\command =F:\WDSetup.exe

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné !

################## | ! Fin du rapport # UsbFix V6.094 ! |

Je retente un copier/coller après avoir refait le scan, je ne peux pas transférer cijoint sur clé :



############################## | UsbFix V6.094 |

User : Sarselle (Administrateurs) # MOCHEL-8DD2DDFD
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:43:55 | 2010-02-14
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) D CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886476 [ Enabled | Updated ]

C:\ -> Disque fixe local # 293.45 Go (147.5 Go free) # NTFS
D:\ -> Disque amovible
E:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque CD-ROM
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Sarselle\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Elements infectieux |


################## | Registre |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{3848875e-4f0d-11dc-bc6f-00123fc65c3c}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ClIENT.Exe

HKCU\..\..\Explorer\MountPoints2\{40309bb8-9dfe-11de-8f08-000e9b8f3347}
Shell\AutoRun\command =F:\WDSetup.exe

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné !

################## | ! Fin du rapport # UsbFix V6.094 ! |

Voici le rapport :


############################## | UsbFix V6.094 |

User : Sarselle (Administrateurs) # MOCHEL-8DD2DDFD
Update on 14/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 18:01:38 | 2010-02-14
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) D CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886476 [ Enabled | Updated ]

C:\ -> Disque fixe local # 293.45 Go (147.46 Go free) # NTFS
D:\ -> Disque amovible
E:\ -> Disque amovible
F:\ -> Disque amovible # 1.89 Go (651.44 Mo free) [LEXAR] # FAT
G:\ -> Disque amovible
H:\ -> Disque CD-ROM
I:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\eHome\ehRec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\dllhost.exe

################## | Elements infectieux |

Supprimé ! C:\Recycler\S-1-5-21-1659004503-1935655697-839522115-1003

################## | Registre |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{3848875e-4f0d-11dc-bc6f-00123fc65c3c}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{40309bb8-9dfe-11de-8f08-000e9b8f3347}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[2010-02-14 17:44|--a------|3337] C:\2UsbFix.txt
[2007-08-14 11:51|--a------|0] C:\AUTOEXEC.BAT
[2008-10-05 13:59|---hs----|209] C:\boot.ini
[2004-08-10 13:00|-rahs----|4952] C:\Bootfont.bin
[2008-03-17 21:01|--a------|658582] C:\CanalPlus.Vod.log
[2007-08-14 11:51|--a------|0] C:\CONFIG.SYS
[2007-08-14 11:51|-rahs----|0] C:\IO.SYS
[2007-08-14 11:51|-rahs----|0] C:\MSDOS.SYS
[2004-08-10 13:00|-rahs----|47564] C:\NTDETECT.COM
[2004-08-10 13:00|-rahs----|251712] C:\ntldr
[2004-02-29 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[2009-08-21 11:57|--a------|6609] C:\RECUP.DOC
[2008-10-09 20:54|--a------|1756] C:\TCleaner.txt
[2010-02-14 18:05|--a------|3402] C:\UsbFix.txt
[2009-02-13 17:26|--a------|11893945] F:\Story PhD Alsace!!!.pdf
[2010-01-29 10:37|--a------|1239552] F:\Titre11.doc
[2009-08-11 11:21|--a------|121856] F:\revel.doc
[2009-02-12 11:08|--a------|2467328] F:\DNS, XI.1938.doc
[2009-02-15 14:11|--a------|44511232] F:\DNA, 1968.doc
[2009-02-15 14:24|--a------|2230784] F:\Strassburger Post.doc
[2009-02-10 17:07|--a------|56175104] F:\SNN.doc
[2009-02-12 13:35|--a------|9504768] F:\DNS, 1938.doc
[2009-02-09 00:07|--a------|24704512] F:\Straßburger Bürger.doc
[2009-02-05 09:24|--a------|53595648] F:\Freie Presse.doc
[2009-02-12 10:36|--a------|112122880] F:\UK-Elsässer.doc
[2007-02-22 19:50|--a------|1650395] F:\Plant, Community.pdf
[2010-01-28 10:22|--a------|164153] F:\RHSH_019_0091.pdf
[2009-10-18 11:07|--a------|506368] F:\gautier.doc
[2009-10-12 08:53|--a------|7656431] F:\Sökefeld.pdf
[2009-06-19 10:37|--a------|2626242] F:\Lacassagne_version_finale_these.pdf
[2009-07-03 18:08|--a------|5497963] F:\Crubellier, Hist éduc°.pdf
[2009-06-13 14:34|--a------|3801730] F:\darviche politix.pdf
[2010-01-16 14:04|--a------|72704] F:\Auteur1.doc
[2009-06-19 10:45|--a------|2289276] F:\Texte.pdf
[2009-12-14 17:34|--a------|109280] F:\1.pdf
[2009-06-19 10:50|--a------|5631531] F:\DenisPeschanski_2000_TEL_TheseEtat.pdf
[2009-10-24 09:50|--a------|77451] F:\289.pdf
[2009-10-28 07:02|--a------|337808] F:\bruter.pdf
[2009-08-09 09:15|--a------|590336] F:\Sapir, Anthropologie 2.doc
[2009-10-05 14:23|---h-----|93696] F:\~WRL3372.tmp
[2009-06-20 10:41|--a------|2908191] F:\jaffrelot.pdf
[2009-06-20 10:44|--a------|82188] F:\cahier17.pdf
[2009-12-08 12:36|--a------|120320] F:\Farge.doc
[2009-10-30 21:31|--a------|95744] F:\Auteur2.doc
[2009-10-24 09:52|--a------|104691] F:\381.pdf
[2008-04-05 08:16|--a------|518361] F:\Joas, D et le pragmatisme, C° cat.pdf
[2009-10-05 14:28|---h-----|93696] F:\~WRL0988.tmp
[2009-11-27 10:38|--a------|115713] F:\hulak.pdf
[2009-11-23 11:18|--a------|579866] F:\rhodes.pdf
[2009-11-22 13:24|--a------|247296] F:\Ann Rigney.doc3.doc
[2009-10-30 21:52|--a------|772608] F:\Ann Rigney.doc
[2010-01-29 10:30|--a------|128512] F:\Titre12.doc
[2009-11-21 17:37|--a------|156959] F:\rorty.pdf
[2009-10-30 14:39|--a------|109660] F:\93.1byrnes.pdf
[2009-10-30 14:43|--a------|233008] F:\39.1.loeffler.pdf
[2009-10-24 09:51|--a------|262281] F:\parrekh logic identity.pdf
[2007-02-21 20:35|--a------|161282] F:\Sluga, Autriche.pdf
[2009-10-24 09:47|--a------|252458] F:\bismarck garibaldi.pdf
[2009-11-27 14:34|--a------|37717] F:\ledebat.pdf
[2009-12-09 14:54|---h-----|481280] F:\~WRL3845.tmp
[2009-06-22 10:40|--a------|57856] F:\role_grands_hommes.doc
[2009-06-22 10:40|--a------|46080] F:\socio_connaissance.doc
[2009-06-22 10:40|--a------|72192] F:\fondement_morale.doc
[2009-06-22 10:41|--a------|51200] F:\formes_elem_org_soc.doc
[2009-06-22 10:25|--a------|448107] F:\costey illusio.pdf
[2009-10-24 09:49|--a------|236207] F:\hindenburg pétain.pdf
[2009-10-24 09:50|--a------|100182] F:\fog identity.pdf
[2009-10-29 14:56|--a------|5910398] F:\charléty.pdf
[2009-12-01 11:07|--a------|133314] F:\29_Diaspora_diaspora_ERS.pdf
[2009-10-31 10:27|--a------|2289228] F:\Le Bras Fra de souche.pdf
[2009-11-01 16:17|---h-----|5415936] F:\~WRL2956.tmp
[2009-08-09 09:31|--a------|445440] F:\Sapir, anthropologie 1.doc
[2009-12-14 17:34|--a------|100796] F:\12.pdf
[2010-01-18 10:16|--a------|526336] F:\Titre13.doc
[2009-04-05 09:53|--a------|2392894] F:\Zaret, Eclipse histoire ds théo so.pdf
[2009-12-12 15:02|---h-----|454144] F:\~WRL3015.tmp
[2009-11-22 08:53|--a------|1612] F:\BOOTEX.LOG
[2008-11-06 12:33|--a------|194402] F:\Chimisso.pdf
[2009-11-09 11:01|--a------|356110] F:\roth.pdf
[2007-06-04 11:21|--a------|881716] F:\Mayo, war memo.pdf
[2009-08-08 08:39|--a------|432128] F:\sapir, anthropologie, 1.doc
[2009-08-08 08:40|--a------|724480] F:\Sapir, Le langage.doc
[2009-12-01 11:58|--a------|22528] F:\Neither Individualism nor.doc
[2009-08-16 08:00|--a------|111397] F:\Mesures_transitoires.pdf
[2007-02-22 19:22|--a------|1301238] F:\Kennedy, Decline NAtionalistic History.pdf
[2009-12-15 17:34|--a------|203759] F:\docannexe.pdf
[2009-12-13 12:29|---h-----|490496] F:\~WRL2579.tmp
[2009-12-14 17:35|--a------|151093] F:\25.pdf
[2009-12-01 11:12|--a------|1392177] F:\12_National_Minorities.pdf
[2009-08-21 13:10|--a------|77312] F:\Etat_d'av...doc
[2007-06-03 16:43|--a------|923225] F:\Chanet, fabriq gds hommes.pdf
[2009-09-26 10:32|--a------|29184] F:\DALISSON R.doc
[2009-09-21 10:33|--a------|75264] F:\cohesion_sociale.doc
[2009-09-21 10:34|--a------|580096] F:\essai_sur_le_don.doc
[2009-09-21 10:35|--a------|137728] F:\une_categorie_de_esprit.doc
[2009-09-21 10:36|--a------|581120] F:\essai_societes_eskimos.doc
[2009-09-21 10:36|--a------|89088] F:\fait_social_caractere.doc
[2009-09-21 10:37|--a------|146944] F:\divisions_de_socio.doc
[2009-09-21 10:38|--a------|159232] F:\fragments_plan.doc
[2007-02-11 19:07|--a------|179520] F:\Shulman, cception nation.pdf
[2009-11-28 17:16|--a------|86035] F:\Ryan.pdf
[2009-12-01 10:34|--a------|1471971] F:\gurvitch.pdf
[2009-04-05 09:50|--a------|1298909] F:\Leçons ouv FdC.pdf
[2007-02-27 13:02|--a------|17560781] F:\modes de domin°.pdf
[2009-11-21 12:15|--a------|179712] F:\Titre12a.doc
[2009-09-26 20:53|--a------|48128] F:\Cahiers alsaciens d.doc
[2009-12-01 11:11|--a------|883455] F:\04_The_French_Revolution_and_the_Invention_of_Citizenship.pdf
[2009-11-28 21:03|--a------|444350] F:\document-1125.pdf
[2009-11-23 11:18|--a------|515407] F:\657023.pdf
[2009-10-03 09:40|--a------|111993] F:\JM Schaeffer.pdf
[2009-12-15 11:12|--a------|1076736] F:\essais_et_melanges.doc
[2009-12-14 17:35|--a------|101369] F:\45.pdf
[2009-12-13 13:02|--a------|495616] F:\tarde_opinion_et_la_foule.doc
[2009-12-14 17:35|--a------|162077] F:\55.pdf
[2009-11-21 10:33|--a------|49518] F:\Eley 2009 Pub PDF.pdf
[2009-05-13 10:56|--a------|277101] F:\Guilhaumou, Genèses.pdf
[2009-11-27 15:44|--a------|34816] F:\2pagecv.doc
[2009-12-16 11:55|--a------|244224] F:\chapitre nov-déc 1918.doc
[2009-12-14 17:36|--a------|209107] F:\78.pdf
[2009-07-06 09:50|--a------|44051456] F:\contrôle postal.doc
[2009-12-01 10:40|--a------|11238195] F:\bréal.pdf
[2009-12-01 11:14|---h-----|26624] F:\~WRL4002.tmp
[2009-07-03 18:12|--a------|1057653] F:\INRP_RH065_2.pdf
[2009-12-01 11:47|---h-----|26112] F:\~WRL1545.tmp
[2009-07-03 18:09|--a------|1347492] F:\INRP_RH050_5.pdf
[2009-12-01 11:11|--a------|1252693] F:\06_Social_Theory_as_Habitus.pdf
[2009-12-02 15:17|--a------|363688] F:\163830.pdf
[2009-06-25 10:59|--a------|60416] F:\La sémiotique narrative de A.doc
[2009-12-01 11:12|--a------|1649622] F:\08_Aftermaths_of_Empire.pdf
[2009-12-12 10:38|--a------|114869] F:\Grondeux_2008.pdf
[2010-01-28 11:11|--a------|206034] F:\ANSO_092_0275.pdf
[2009-12-12 15:04|--a------|885248] F:\tarde_ecrits_psycho_soc.doc
[2009-11-28 17:29|--a------|83309] F:\la_narratologie_allemande_john_pier.pdf
[2009-12-15 17:35|--a------|117362] F:\Laoureux, Schutz.pdf
[2009-12-14 10:32|--a------|158073] F:\paradigm4.pdf
[2009-07-09 08:42|--a------|383921152] F:\SHAT, 16 N 1464.doc
[2009-11-23 10:47|--a------|783272] F:\ahess_0395-2649_1985_num_40_5_283216.pdf
[2009-11-22 15:30|--a------|269364] F:\Toews, AHR 2.pdf
[2009-11-22 15:29|--a------|308110] F:\Lacapra, sur Darnton & Chartier.pdf
[2009-11-22 15:28|--a------|425862] F:\LaCapra.pdf
[2009-11-22 15:27|--a------|599396] F:\LaCapra 3.pdf
[2009-11-22 15:28|--a------|979627] F:\LaCapra4.pdf
[2009-12-02 10:33|--a------|811543] F:\Hogan Understanding.pdf
[2009-11-22 15:32|--a------|292454] F:\Toews 4.pdf
[2009-11-23 13:08|--a------|1173504] F:\Isaac, RH.doc
[2009-12-14 10:34|--a------|124891] F:\paradigm5.pdf
[2009-12-06 12:11|--a------|438032] F:\jost2.pdf
[2009-12-02 15:21|--a------|39424] F:\1989.doc
[2009-12-09 14:16|--a------|67584] F:\pacifisme_patriotisme.doc
[2009-12-05 08:54|--a------|18102532] F:\N0107921_PDF_1_-1DM.pdf
[2009-12-06 13:38|--a------|1449984] F:\SOUVENIRS D.doc
[2009-12-13 13:00|--a------|86528] F:\Contribution intempestive à la rénovation de la gauche.doc
[2009-12-15 17:37|--a------|92856] F:\docannexe3.pdf
[2009-12-14 17:36|--a------|158251] F:\109.pdf
[2009-12-09 10:35|--a------|187041] F:\°Chevalier, Sahlins.pdf
[2009-12-14 10:37|--a------|458284] F:\Marshall Sahlins - Creative Commons.mht
[2009-12-14 10:09|--a------|149094] F:\TEXTE_11_Cefai_Trom[1].pdf
[2009-12-14 10:32|--a------|349171] F:\paradigm10.pdf
[2009-12-14 10:35|--a------|180334] F:\paradigm3.pdf
[2009-12-14 17:36|--a------|133881] F:\134.pdf
[2010-01-24 09:10|--a------|252416] F:\1899.doc
[2010-01-28 11:22|--a------|149432] F:\APHI_652_0255.pdf
[2009-11-26 08:15|--a------|182784] F:\Analyses et interprétations.doc
[2009-02-16 11:10|--a------|749709] F:\Eley, Alltagsgeschichte.pdf
[2009-11-27 14:34|--a------|102912] F:\AnthropologicalTheoryFNLversion.doc
[2009-11-27 14:34|--a------|119808] F:\EconomistsJOIE,10Jan05.doc
[2009-11-27 14:35|--a------|132395] F:\PhenomenologicalIllusion.pdf
[2009-11-27 14:35|--a------|41684] F:\searleinterview1199.rtf
[2009-11-27 14:35|--a------|55869] F:\limits_phenomenology.rtf
[2009-11-27 14:35|--a------|42396] F:\reply_to_dreyfus_1_30_99.rtf
[2009-11-27 14:35|--a------|70540] F:\Consciousness1.rtf
[2009-11-27 14:35|--a------|224533] F:\whatislanguage.pdf
[2009-11-27 14:54|--a------|111993] F:\shaeffer bib.pdf
[2010-01-28 10:49|--a------|213075] F:\LHOM_185_0195.pdf
[2010-01-28 10:49|--a------|179283] F:\LHOM_185_0187.pdf
[2010-01-29 12:12|--a------|174793] F:\57.pdf
[2010-01-29 12:19|--a------|232485] F:\221.pdf
[2008-10-08 08:41|--a------|493421] F:\Première leçon FdC, Revue de synthèse 1901.pdf
[2009-12-14 17:37|--a------|210673] F:\153.pdf
[2009-12-14 17:37|--a------|150949] F:\186.pdf
[2009-12-14 17:37|--a------|186610] F:\206.pdf
[2009-12-14 17:38|--a------|191301] F:\234.pdf
[2009-12-16 21:44|---h-----|70656] F:\~WRL3001.tmp
[2010-01-29 12:25|--a------|129644] F:\985.pdf
[2009-12-15 17:29|--a------|984771] F:\Didderen, Searle-Derrida.pdf
[2009-12-15 22:18|---h-----|244736] F:\~WRL1892.tmp
[2009-12-16 21:48|--a------|53248] F:\http.doc
[2009-12-17 13:28|--a------|84992] F:\DURKH&PB.doc
[2009-12-17 13:20|--a------|17851] F:\ceque82.rtf
[2009-12-17 13:27|---h-----|74752] F:\~WRL2312.tmp
[2009-07-18 11:03|--a------|176157] F:\LS_091_0005.pdf
[2009-12-17 13:28|---h-----|86016] F:\~WRL3039.tmp
[2010-01-28 10:22|--a------|168766] F:\RHSH_019_0143.pdf
[2009-12-08 10:29|--a------|24079715] F:\centenaire.pdf
[2010-01-28 10:22|--a------|355294] F:\RHSH_020_0129.pdf
[2010-01-28 11:14|--a------|84008] F:\ANSO_041_0029.pdf
[2009-12-02 17:22|--a------|8158325] F:\08heffernan.pdf
[2009-07-25 10:49|--a------|60931197] F:\année socio 1904-05.pdf
[2009-07-25 10:43|--a------|4825339] F:\HEL_10_2_pp057-073.pdf
[2010-01-28 10:53|--a------|134362] F:\LHOM_175_0019.pdf
[2010-01-28 10:53|--a------|145941] F:\LHOM_175_0057.pdf
[2009-12-14 10:35|--a------|152064] F:\°Sahlins, Waiting for Foucault, still.pdf
[2009-11-25 20:44|--a------|5433733] F:\°Simon-Nahum, Renan et langues sémitiques.pdf
[2010-01-28 14:35|--a------|21504] F:\Par la présente.doc
[2010-01-28 10:39|--a------|152129] F:\chanetMNC_019_0127.pdf
[2010-01-28 10:52|--a------|147017] F:\LHOM_175_0233.pdf
[2010-02-14 17:08|--a------|4462] F:\Ad-Report-CLEAN[1].log
[2010-02-14 17:44|--a------|3337] F:\2UsbFix.txt

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix .

################## | Upload |

Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_MOCHEL-8DD2DDFD.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.094 ! |

Je n'arrive plus à me connecter à Internet, sinon ça va

Ah et le logo de mon antivirus a disparu d ela barre des tâches

Voilà. J'espère que ce sera complet, comme Combo ne pouvait pas avoir accès à INternet...


ComboFix 10-02-12.01 - Sarselle 2010-02-14 18:36:14.4.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1014.651 [GMT 1:00]
Lancé depuis: F:\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Sarselle\Application Data\Adobe\Player.exe.bak
c:\documents and settings\Sarselle\Local Settings\Temporary Internet Files\616A4b3.jpg
c:\documents and settings\Sarselle\Local Settings\Temporary Internet Files\6Y8Oao1.jpg
c:\documents and settings\Sarselle\Local Settings\Temporary Internet Files\pnaba.jpg
c:\documents and settings\Sarselle\Local Settings\Temporary Internet Files\Y2ky5BnX7.jpg

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-01-14 au 2010-02-14 ))))))))))))))))))))))))))))))))))))
.

2010-02-14 17:05 . 2010-02-14 17:05 5807 ----a-w- C:\UsbFix_Upload_Me_MOCHEL-8DD2DDFD.zip
2010-02-14 16:27 . 2010-02-14 17:05 -------- d-----w- C:\UsbFix
2010-02-14 15:40 . 2010-02-14 16:22 -------- d-----w- C:\Ad-Remover
2010-02-14 15:39 . 2010-02-14 15:38 1263511 ----a-w- c:\program files\AD-R.exe
2010-02-14 11:43 . 2010-02-14 11:43 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-07 08:15 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-07 08:15 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-07 08:15 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-07 08:15 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-07 08:15 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-07 08:15 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-07 08:15 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-07 08:14 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-07 08:14 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-07 07:36 . 2010-02-07 08:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-06 03:46 . 2010-02-06 03:46 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-02-06 03:41 . 2010-02-06 03:41 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 14:28 . 2008-10-07 18:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-14 09:26 . 2008-08-01 08:44 -------- d-----w- c:\program files\Trend Micro
2010-02-07 17:01 . 2008-04-04 17:34 -------- d-----w- c:\program files\Norton Security Scan
2010-02-07 07:37 . 2007-08-20 11:38 -------- d-----w- c:\program files\Alwil Software
2010-02-06 03:41 . 2007-08-22 11:16 -------- d-----w- c:\program files\Google
2010-02-03 13:23 . 2007-10-14 17:54 -------- d-----w- c:\documents and settings\Sarselle\Application Data\uTorrent
2010-02-03 09:25 . 2009-05-11 15:07 -------- d-----w- c:\program files\Fichiers communs\COWON
2010-02-03 09:25 . 2009-05-11 15:07 -------- d-----w- c:\program files\JetAudio
2010-01-26 18:08 . 2009-11-24 03:22 79488 ----a-w- c:\documents and settings\Sarselle\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-20 12:40 . 2009-03-12 16:51 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-07 15:07 . 2008-10-07 18:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2008-10-07 18:30 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 09:56 . 2006-03-04 03:35 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:56 . 2004-08-10 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:56 . 2004-08-10 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:14 . 2004-08-10 12:00 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:59 . 2007-08-14 10:45 347648 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:36 . 2004-08-10 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-10 06:48 . 2004-08-10 12:00 85404 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-10 06:48 . 2004-08-10 12:00 513080 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-09 10:19 . 2005-03-30 17:36 2144768 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:19 . 2005-03-30 17:36 2022912 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 14:41 . 2004-08-10 12:00 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:10 . 2004-08-10 12:00 1297920 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:10 . 2004-08-04 00:54 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:38 . 2004-08-10 12:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:38 . 2004-08-10 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:38 . 2004-08-10 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:38 . 2004-08-04 00:54 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:38 . 2001-08-23 17:47 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-21 16:42 . 2004-08-10 12:00 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-07-15 185896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 339968]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-16 127037]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-28 136600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

c:\documents and settings\Sarselle\Menu D‚marrer\Programmes\D‚marrage\
Outil de notification Live Search.lnk - c:\documents and settings\Sarselle\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-6-11 142336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Lphant\\eLePhantClient.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-02-07 162512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-02-07 19024]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 135664]
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;c:\windows\system32\drivers\usbiad.sys [2007-08-20 31547]
.
Contenu du dossier 'Tâches planifiées'

2010-01-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 03:41]

2010-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 03:41]

2010-02-07 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe [2008-01-09 03:08]

2010-02-14 c:\windows\Tasks\User_Feed_Synchronization-{4D6FAE54-6008-4CF9-B2BC-9726DF043DDB}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:58]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {6A6F4B83-45C5-4CA9-BDD9-0D81C12295E4} - hxxp://univ-r.u-strasbg.fr/TSWeb/msrdp.cab
FF - ProfilePath - c:\documents and settings\Sarselle\Application Data\Mozilla\Firefox\Profiles\i2hlquxr.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Chercher
FF - prefs.js: browser.startup.homepage - hxxp://search.myheritage.com/
FF - prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q=
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
MSConfigStartUp-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-14 18:41
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Heure de fin: 2010-02-14 18:43:14
ComboFix-quarantined-files.txt 2010-02-14 17:43

Avant-CF: 158,320,803,840 octets libres
Après-CF: 158,690,803,712 octets libres

- - End Of File - - 7056790E4FAEDF1ECB501E56E220E004

sur un pc à côté seulement. L'infecté ne peut pas s'y connecter depuis l'infection.

ça prend vraiment un temps fou...

Que faire ensuite ?

Tout marche à nouveau, merci beaucoup à toi si tu me lis.