PC infected by W32.Myzor.FK@yf - Virus/Spywares - Windows & Software
Marsh Posted on 04-02-2008 at 12:12:22
Hello everyone!
We have a PC infected by W32.Myzor.FK@yf
I searched the net for solutions to remove this virus, but without success.
I followed a tutorial that talked about scanning with AntiVir and HijackThis, but it doesn't work! Still this trojan or virus :s
I'm posting here the results of the 2 programs I used for the scan, hoping you will help me solve this problem.
Thank you in advance!
AntiVir PersonalEdition Classic
Report file date: lundi 4 février 2008 10:41
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: FATMA
Computer name: FATMAFH
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 3/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 8/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: lundi 4 février 2008 10:41
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
15 processes with 15 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '34' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\backup2.zip
[0] Archive type: ZIP
--> backup2.pst
[1] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Boîte de réception][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]852.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Onemli][Subject:invoice & packing list][From:runint@ms59.hinet.net]2126.html
[DETECTION] Contains detection pattern of the VBS script virus VBS/Redlof.A
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]3075.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[INFO] The file was moved to '4809deac.qua'!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\backup2\backup2.pst
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Boîte de réception][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]852.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Onemli][Subject:invoice & packing list][From:runint@ms59.hinet.net]2126.html
[DETECTION] Contains detection pattern of the VBS script virus VBS/Redlof.A
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]3075.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[WARNING] The file was ignored!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1DF50477.tmp
[DETECTION] Contains detection pattern of the worm WORM/Mytob.AD
[INFO] The file was deleted!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4C7E1508.tmp
[DETECTION] Contains detection pattern of the worm WORM/Mytob.AD
[INFO] The file was deleted!
C:\Documents and Settings\FATMA\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]186.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[WARNING] The file was ignored!
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Infected\AVP1D.tmp
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Boîte de réception][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]852.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Onemli][Subject:invoice & packing list][From:runint@ms59.hinet.net]2126.html
[DETECTION] Contains detection pattern of the VBS script virus VBS/Redlof.A
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]3075.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[WARNING] The file was ignored!
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Infected\AVP26.tmp
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Boîte de réception][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]852.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Onemli][Subject:invoice & packing list][From:runint@ms59.hinet.net]2126.html
[DETECTION] Contains detection pattern of the VBS script virus VBS/Redlof.A
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]3075.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[WARNING] The file was ignored!
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Infected\AVP589.tmp
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Boîte de réception][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]852.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Onemli][Subject:invoice & packing list][From:runint@ms59.hinet.net]2126.html
[DETECTION] Contains detection pattern of the VBS script virus VBS/Redlof.A
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]3075.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[WARNING] The file was ignored!
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Infected\backup2.pst
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Boîte de réception][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]852.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Onemli][Subject:invoice & packing list][From:runint@ms59.hinet.net]2126.html
[DETECTION] Contains detection pattern of the VBS script virus VBS/Redlof.A
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]3075.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[WARNING] The file was ignored!
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Infected\backup2.zip
[0] Archive type: ZIP
--> backup2.pst
[1] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Boîte de réception][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]852.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Onemli][Subject:invoice & packing list][From:runint@ms59.hinet.net]2126.html
[DETECTION] Contains detection pattern of the VBS script virus VBS/Redlof.A
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]3075.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
[INFO] The file was deleted!
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Infected\Outlook.pst
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:DIVERS][Subject:Urgent From Cairo][From:tariq.ramadan@medecine.univ-mrs.fr]1312.news.scr
[DETECTION] Contains detection pattern of the worm WORM/Bugbear.B
--> Mailbox_[Folder:Boîte de réception][Subject:Captured! Finally!][From:pupil@tcn.net]2614.pics.zip
[1] Archive type: ZIP
--> pics.scr
[DETECTION] Is the Trojan horse TR/Dldr.Small.axr
--> Mailbox_[Folder:Boîte de réception][From:fatma@ulak.gen.tr]2794.Work and taxes.rar
[1] Archive type: ZIP
--> Taxes.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.CA
--> Mailbox_[Folder:Éléments supprimés][Subject:Margaret][From:ceylan@umail.ru]3150.Hughe.zip
[1] Archive type: ZIP
--> S3700026.exe
[DETECTION] Is the Trojan horse TR/Bagle.EW
[WARNING] The file was ignored!
C:\Program Files\Navilog1\navilog1.bat
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '481ce90b.qua'!
C:\System Volume Information\_restore{468DB67F-8C3D-42B1-8A5F-E378C3278A21}\RP1223\A0125027.bat
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '47d7ea4a.qua'!
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'D:\'
Search path D:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: lundi 4 février 2008 11:49
Used time: 1:07:43 min
The scan has been done completely.
4746 Scanning directories
288257 Files were scanned
28 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
3 files were deleted
0 files were repaired
3 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
288229 Files not concerned
9258 Archives were scanned
8 Warnings
0 Notes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:36, on 4/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://be.msn.com/defaultf.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://be.msn.com/defaultf.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/040C/bl8.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.compaq.com/1Q00CDT/040C/bl7.asp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.isaserver.be;*.isanet.be;info.BBL.be
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Sotfone Tracker Class - {10C52A42-DB8B-4ade-AA4A-CED6A8282B85} - C:\Program Files\Sotfone\1202048600.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - C:\Program Files\Video Add-on\isfmdl.dll
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-ABCD-7DD20B8622FF} - C:\Program Files\Helper\1202048597.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IsabelUpgrade] C:\PROGRA~1\Isabel\BIN\ARBOOT.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SystemDoctor Free] C:\Program Files\SystemDoctor Free\sdmain.exe /min
O4 - HKLM\..\Run: [DC6V_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrdc.exe"
O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Weflirt] "C:\Program Files\Weflirt\weflirt.exe" -background
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.freeietool.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.freeietool.com/redirect.php (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?li [...] lcid=0x409
O16 - DPF: {207D2A66-5DC0-478F-BA7E-A492146D7750} (CardActivator Control) - https://business.isabel.be/CardActi [...] ivator.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} (isInstalled Class) - http://javadl-esd.sun.com/update/1 [...] s-i586.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://axas.dnip.net/msrdp.cab
O16 - DPF: {E2F2B9D0-96B9-4B25-B90C-636ECB207D18} - http://www.whenusearch.com/WUInstSECS.cab
O16 - DPF: {F0EE09A4-1D4D-4948-BE5A-F22B0EBA8DE5} - http://www.isabel.be/download/IBS501G01234.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1654DDDD-6634-46FF-B17D-8673FA7D9FA5}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C3A31F3-34E4-475C-99FD-20C2D372F0A5}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{33525BB7-C52C-4ED0-BB75-302B1C5C8327}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F243524-7970-48C8-BB20-3E41E05F90F0}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{A064C78F-8A20-4F14-889F-D79DC58E2C1A}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{A58B094E-162E-4F21-B3B7-8930A318B296}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5ED7EE1-BDC3-482E-9980-B7B9B591DBBF}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{D992E22C-BEC4-46DE-ABA9-4328472E7885}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\..\{FEB06008-EB7A-40B0-ABC3-480113BC0EDB}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.90 85.255.112.233
O17 - HKLM\System\CS1\Services\Tcpip\..\{1654DDDD-6634-46FF-B17D-8673FA7D9FA5}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.90 85.255.112.233
O17 - HKLM\System\CS2\Services\Tcpip\..\{1654DDDD-6634-46FF-B17D-8673FA7D9FA5}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.90 85.255.112.233
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: cured - {7265100a-17e1-41bf-bd08-63b95a25a9c3} - C:\WINDOWS\system32\ofcpi.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 12068 bytes
Thanks in advance
Seiy@r