Virus Type Win 32

Bonjour,

Je ne vois pas d'infection dans ce rapport.

Peux-tu me donner l'emplacement et le nom du fichier infecté ?

• Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
• Double-clique sur RSIT.exe afin de lancer le programme.

(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

• Clique sur Continue à l'écran Disclaimer.
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

info.txt logfile of random's system information tool 1.06 2009-07-27 21:00:10

======Uninstall list======

-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\Orange\AntivirusFirewall\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\install.exe -runfromtemp -l0x040c
Age of Empires III - The WarChiefs-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710}
Age of Empires III-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
AntiVirus Firewall-->"C:\Program Files\Orange\AntivirusFirewall\FSGUI\PostInstall.exe" /tUnInstall
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Commandos 2: Men of Courage-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}\setup.exe"
Commandos 3 - Destination Berlin-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C270BC04-1540-4673-960F-A546B2C860CD}\setup.EXE"
Commandos, Le Sens du Devoir-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Eidos Interactive\Pyro\Commandos, Le Sens du Devoir\DeIsL1.isu"
Commandos-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Eidos Interactive\Pyro\Commandos\DeIsL1.isu"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
CursorFX-->"C:\Documents and Settings\All Users\Application Data\{A850D4D9-871B-4234-908D-21C457767270}\CursorFX_public.exe" REMOVE=TRUE MODIFY=FALSE
CursorFX-->C:\Documents and Settings\All Users\Application Data\{A850D4D9-871B-4234-908D-21C457767270}\CursorFX_public.exe
Destination Paris 1.34-->"C:\Program Files\Commandos II\unins000.exe"
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Free Video Dub version 1.4-->"C:\Program Files\DVDVideoSoft\Free Video Dub\unins000.exe"
GameEx 10.12-->"C:\Program Files\GameEx\unins000.exe"
GUILD WARS-->"C:\Program Files\GUILD WARS\Gw.exe" -uninstall
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Morgan\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Ma-Config.com-->MsiExec.exe /X{E780E536-16CE-4CD1-8FE0-2D5E52FAA65B}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers-->C:\WINDOWS\System32\nvunrm.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RollerCoaster Tycoon 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\Setup.exe" -l0x40c
Satsuki Decoder Pack-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

Hosts File Missing
======Security center information======

AV: AntiVirus Firewall 7.03
FW: AntiVirus Firewall 7.03

======System event log======

Computer Name: MORGAN-R64PLPFS
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service Fax.

Record Number: 7575
Source Name: Service Control Manager
Time Written: 20090619110915.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: MORGAN-R64PLPFS
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{05C77284-3E58-43A9-98EA-0D2EF58AE159} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 7574
Source Name: Tcpip
Time Written: 20090619110912.000000+120
Event Type: Informations
User:

Computer Name: MORGAN-R64PLPFS
Event Code: 10
Message: Ce lecteur ne semble pas prendre en charge la lecture audio numérique.

Record Number: 7573
Source Name: redbook
Time Written: 20090619110912.000000+120
Event Type: Informations
User:

Computer Name: MORGAN-R64PLPFS
Event Code: 1001
Message: Le service SNMP a démarré correctement.

Record Number: 7572
Source Name: SNMP
Time Written: 20090619110911.000000+120
Event Type: Informations
User:

Computer Name: MORGAN-R64PLPFS
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 7571
Source Name: EventLog
Time Written: 20090619110851.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: MORGAN-R64PLPFS
Event Code: 103
Message: 6 2009-06-21 23:39:44+02:00 morgan-r64plpfs MORGAN-R64PLPFS\Morgan F-Secure Anti-Virus
Scanning of \DEVICE\HARDDISKVOLUME1\DOCUMENTS AND SETTINGS\MORGAN\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{C7D695BD-29C1-4B26-9382-F1EEB52C0704}\DBSTORE\DBSTORE.INI was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).


Record Number: 1143
Source Name: F-Secure Anti-Virus
Time Written: 20090621233944.000000+120
Event Type: erreur
User:

Computer Name: MORGAN-R64PLPFS
Event Code: 103
Message: 5 2009-06-21 23:39:24+02:00 morgan-r64plpfs MORGAN-R64PLPFS\Morgan F-Secure Anti-Virus
Scanning of \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\ORANGE\ANTIVIRUSFIREWALL\FSAUA\SUBSCRIPTIONS\AVH_AVPE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).


Record Number: 1142
Source Name: F-Secure Anti-Virus
Time Written: 20090621233930.000000+120
Event Type: erreur
User:

Computer Name: MORGAN-R64PLPFS
Event Code: 103
Message: 4 2009-06-21 23:39:24+02:00 morgan-r64plpfs MORGAN-R64PLPFS\Morgan F-Secure Anti-Virus
Scanning of \DEVICE\HARDDISKVOLUME1\WINDOWS\SYSTEM32\UPNP.DLL was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).


Record Number: 1141
Source Name: F-Secure Anti-Virus
Time Written: 20090621233930.000000+120
Event Type: erreur
User:

Computer Name: MORGAN-R64PLPFS
Event Code: 103
Message: 3 2009-06-21 21:42:57+02:00 morgan-r64plpfs MORGAN-R64PLPFS\Morgan F-Secure Anti-Virus
Scanning of \DEVICE\HARDDISKVOLUME1\DOCUMENTS AND SETTINGS\MORGAN\COOKIES\MORGAN@TRADEDOUBLER[1].TXT was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).


Record Number: 1140
Source Name: F-Secure Anti-Virus
Time Written: 20090621214258.000000+120
Event Type: erreur
User:

Computer Name: MORGAN-R64PLPFS
Event Code: 103
Message: 2 2009-06-21 21:42:52+02:00 morgan-r64plpfs MORGAN-R64PLPFS\Morgan F-Secure Anti-Virus
Scanning of \DEVICE\HARDDISKVOLUME1\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH10B.OCX was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).


Record Number: 1139
Source Name: F-Secure Anti-Virus
Time Written: 20090621214254.000000+120
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2513
Windows 5.1.2600 Service Pack 3

27/07/2009 21:33:50
mbam-log-2009-07-27 (21-33-50).txt

Type de recherche: Examen rapide
Eléments examinés: 84062
Temps écoulé: 8 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\WINDOWS\system32\A1.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\VRT76.tmp (Malware.Tool) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\VRT77.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\VRT78.tmp (Rogue.Installer) -> Quarantined and deleted successfully.

Merci de ton aide mais juste avant de faire ce que tu me conseil , est ce que mettre à jour Internet explorer est essentiel ?
Car j'utilise Mozilla Firefox et j'en suis satisfait mais si c'est obligé pour éliminer le virus je le ferais sans problème.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Morgan at 2009-07-27 22:17:46
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 63 GB (48%) free of 131 GB
Total RAM: 446 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:39, on 27/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Morgan\Bureau\RSIT.exe
C:\Documents and Settings\Morgan\Mes documents\ex-racourcis du bureau\Morgan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shinobi.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 1009102014
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/g [...] ction2.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _1_2_1.cab
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 6543 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled scanning task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-20 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-20 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2006-07-12 7626752]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2006-07-12 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-08-02 16049664]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"F-Secure Manager"=C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE [2008-04-23 182936]
"F-Secure TNB"=C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe [2008-04-23 744032]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-20 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CursorFX"=C:\Program Files\Stardock\CursorFX\CursorFX.exe [2008-02-20 418632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5611bcd9-34d5-11de-915d-000b6b6937c9}]
shell\AutoRun\command - J:\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79c70354-4394-11de-9187-000b6b6937c9}]
shell\AutoRun\command - J:\start.exe
shell\iledefrance\command - J:\start.exe


======File associations======

.scr - open - "%1" /S "%3"

======List of files/folders created in the last 1 months======

2009-07-27 22:06:06 ----HDC---- C:\WINDOWS\ie8
2009-07-27 21:18:22 ----D---- C:\Documents and Settings\Morgan\Application Data\Malwarebytes
2009-07-27 21:18:11 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-07-27 21:18:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-27 20:59:36 ----D---- C:\rsit
2009-07-26 15:04:02 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-26 11:49:54 ----A---- C:\WINDOWS\system32\9D.tmp
2009-07-26 11:48:52 ----A---- C:\WINDOWS\system32\90.tmp
2009-07-26 03:07:25 ----D---- C:\Program Files\FIFA Soccer Manager
2009-07-24 13:08:12 ----HD---- C:\Documents and Settings\All Users\Application Data\{A850D4D9-871B-4234-908D-21C457767270}
2009-07-24 13:08:09 ----D---- C:\Program Files\Stardock
2009-07-23 23:57:36 ----D---- C:\WINDOWS\Sun
2009-07-22 14:58:43 ----D---- C:\Program Files\Infogrames
2009-07-21 18:59:04 ----D---- C:\Program Files\PhotoFiltre
2009-07-20 20:59:33 ----D---- C:\ElectronicArts
2009-07-20 20:59:25 ----A---- C:\WINDOWS\unin040c.exe
2009-07-18 00:00:18 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-07-16 00:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-16 00:28:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-16 00:24:17 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-12 20:06:26 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-11 21:51:32 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-07-11 21:51:31 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-07-11 21:51:30 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-07-11 21:51:28 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-07-11 21:51:28 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-07-11 21:51:26 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-07-11 21:51:25 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-07-11 21:51:23 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-07-11 21:51:23 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-07-11 21:51:22 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-07-11 21:51:22 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-07-11 21:51:21 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-07-11 21:51:21 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-07-11 21:51:20 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-07-11 21:51:19 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-07-11 21:51:19 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-07-11 21:51:18 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-07-11 21:51:17 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-07-11 21:51:17 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-07-11 21:51:15 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-07-11 21:51:13 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-07-11 21:51:12 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-07-11 21:51:11 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-07-11 21:51:10 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-07-11 21:51:10 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-07-11 21:51:09 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-07-11 21:51:09 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-07-11 21:51:07 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-07-11 21:51:07 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-07-11 21:51:06 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-07-11 21:51:05 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-07-11 21:51:04 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-07-11 21:51:04 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-07-11 21:51:03 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-07-11 21:51:02 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-07-11 21:51:02 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-07-11 21:51:00 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-07-11 21:50:59 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-07-11 21:50:39 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-07-11 21:50:33 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-07-11 21:50:29 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-07-11 21:50:22 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-07-11 21:50:21 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-07-11 21:50:11 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-07-11 21:50:09 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-07-11 21:50:07 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-07-11 21:50:06 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-07-11 21:50:04 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-07-11 21:50:04 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-07-11 21:50:03 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-07-11 21:50:01 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-07-11 21:49:58 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-07-11 21:46:16 ----D---- C:\WINDOWS\Logs
2009-07-11 21:43:55 ----D---- C:\Program Files\MSBuild
2009-07-11 21:43:43 ----D---- C:\WINDOWS\system32\XPSViewer
2009-07-11 21:43:21 ----D---- C:\WINDOWS\system32\en-us
2009-07-11 21:43:18 ----D---- C:\Program Files\Reference Assemblies
2009-07-11 21:42:35 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-07-01 13:47:54 ----D---- C:\Program Files\Eidos
2009-07-01 13:22:57 ----D---- C:\Program Files\Commandos II
2009-06-29 12:42:34 ----D---- C:\Program Files\Eidos Interactive
2009-06-29 12:41:38 ----A---- C:\WINDOWS\uninst.exe
2009-06-28 12:53:37 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania
2009-06-28 12:52:02 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-06-28 12:52:02 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-06-28 12:52:01 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-06-28 12:51:41 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-06-28 12:51:40 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-06-28 12:51:40 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-06-28 12:51:39 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-06-28 12:51:38 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-06-28 12:51:38 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-06-28 12:51:37 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-06-28 12:51:26 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-06-28 12:49:03 ----D---- C:\Program Files\TmNationsForever
2009-06-28 12:19:59 ----D---- C:\DVDVideoSoft

======List of files/folders modified in the last 1 months======

2009-07-27 22:18:39 ----D---- C:\WINDOWS\Temp
2009-07-27 22:15:54 ----D---- C:\Program Files\Mozilla Firefox
2009-07-27 22:11:55 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-27 22:11:46 ----D---- C:\WINDOWS
2009-07-27 22:11:45 ----D---- C:\WINDOWS\system32
2009-07-27 22:11:22 ----D---- C:\WINDOWS\system32\fr-fr
2009-07-27 22:11:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-27 22:11:21 ----D---- C:\WINDOWS\Help
2009-07-27 22:11:21 ----D---- C:\Program Files\Internet Explorer
2009-07-27 22:10:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-27 22:09:28 ----HD---- C:\WINDOWS\inf
2009-07-27 22:09:28 ----D---- C:\WINDOWS\Prefetch
2009-07-27 22:09:23 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-27 22:09:18 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:07:44 ----D---- C:\WINDOWS\WBEM
2009-07-27 22:07:35 ----D---- C:\WINDOWS\Media
2009-07-27 22:05:59 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-27 21:37:18 ----RD---- C:\Program Files
2009-07-27 21:37:18 ----D---- C:\WINDOWS\system32\drivers
2009-07-26 15:32:44 ----D---- C:\WINDOWS\system32\config
2009-07-26 15:32:24 ----D---- C:\WINDOWS\system32\wbem
2009-07-26 15:32:23 ----D---- C:\WINDOWS\Registration
2009-07-26 15:32:09 ----D---- C:\Documents and Settings\Morgan\Application Data\Azureus
2009-07-26 15:31:12 ----D---- C:\WINDOWS\system32\Restore
2009-07-26 11:48:30 ----D---- C:\Documents and Settings\Morgan\Application Data\F-Secure
2009-07-24 21:24:36 ----D---- C:\Program Files\Vuze
2009-07-24 14:51:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-24 13:08:12 ----SHD---- C:\WINDOWS\Installer
2009-07-18 10:47:29 ----D---- C:\Program Files\DivX
2009-07-18 00:00:18 ----D---- C:\Program Files\Fichiers communs
2009-07-12 00:36:23 ----D---- C:\Emulators
2009-07-11 21:56:08 ----RSD---- C:\WINDOWS\assembly
2009-07-11 21:53:29 ----D---- C:\WINDOWS\Microsoft.NET
2009-07-11 21:51:36 ----D---- C:\WINDOWS\system32\DirectX
2009-07-11 21:44:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-11 21:43:53 ----RSD---- C:\WINDOWS\Fonts
2009-07-11 21:42:48 ----D---- C:\WINDOWS\system32\spool
2009-07-11 21:40:48 ----D---- C:\WINDOWS\WinSxS
2009-07-11 21:39:35 ----D---- C:\WINDOWS\system32\mui
2009-07-08 22:22:11 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-06 01:41:48 ----SD---- C:\Documents and Settings\Morgan\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys []
R1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2009-06-06 2996]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-22 21419]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-02 4356608]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-07-12 3934592]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2006-07-12 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2006-07-12 20480]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 a2r3kodl;a2r3kodl; C:\WINDOWS\system32\drivers\a2r3kodl.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\System32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys []
S3 RT73;Hercules Wireless USB Dongle Driver ; C:\WINDOWS\system32\DRIVERS\rt73.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe [2008-04-23 47800]
R2 FSMA;F-Secure Management Agent; C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE [2008-04-23 113304]
R2 Iprip;Écouteur RIP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-20 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-07-12 155715]
R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\System32\tcpsvcs.exe [2001-08-28 19456]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe [2008-04-23 461408]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe [2008-04-23 453216]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\System32\tcpsvcs.exe [2001-08-28 19456]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-04-21 216232]
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== FILES ==========
C:\WINDOWS\system32\9D.tmp moved successfully.
C:\WINDOWS\system32\90.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes

User: Morgan
->Temp folder emptied: 805122446 bytes
->Temporary Internet Files folder emptied: 54422823 bytes
->Java cache emptied: 19423918 bytes
->FireFox cache emptied: 88939138 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\NV16121680.TMP folder deleted successfully.
%systemroot% .tmp files removed: 4549133 bytes
%systemroot%\System32 .tmp files removed: 2833408 bytes
Windows Temp folder emptied: 4672935 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 934,66 mb


OTM by OldTimer - Version 3.0.0.5 log created on 07272009_222505

Files moved on Reboot...

Registry entries deleted on Reboot...

visiblement non donc je vais attendre quelques jours et si je donne pas de nouvelle c'est que c'est bon.
En attendant je te remercie de m'avoir apporter ton aide.
J'ai juste une dernière question, faut-il que je garde tout les trucs téléchargés précédemment ou je peux les enlever une fois que je suis sur que c'est fini avec ce virus ?

Ok Merci

Salut luluvelu,

Merci de créer ton propre sujet avec le bouton vert "Créer un nouveau sujet" que tu peux trouver en haut de la page.
Tu y mettras les explications de ton problème ainsi que tes logs. Fait attention, car le log que tu avais fourni n'était pas entier, partage le log en deux messages si besoin.