Virus insupprimables, constants... (avec rapport Hijackthis).

Bonjour,

Je veux bien le rapport de MBAM.

Télécharge Ad-Remover (de C_XX) sur ton Bureau.

Déconnecte-toi et ferme toutes applications en cours.

Double-clique sur AD-R situé sur ton Bureau pour le lancer.

Choisis Nettoyer puis valide.

Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Bonjour,

Voici le rapport MBAM il m'avait indiqué qu'il n'avait pas pu tout supprimé, je lance et poste celui d'AD-Remover sous peu :

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

26/10/2010 14:17:29
mbam-log-2010-10-26 (14-17-29).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 339422
Temps écoulé: 4 heure(s), 9 minute(s), 4 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> Delete on reboot.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.249,93.188.160.249 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a7a0f9cd-4a8e-4228-b269-848308bb01f8}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.249,93.188.160.249 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f211bd65-6b05-4ca8-85cc-5ddfc3b31f74}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.249,93.188.160.249 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\crt.dat (Malware.Trace) -> Quarantined and deleted successfully.

Le rapport d'Ad-Remover :

======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 25/10/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 09:37:42 le 30/10/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
HP_Administrateur@NOM-FB9B15D2723 ( )

============== ACTION(S) ==============

Service: "Application Updater" Stoppé et supprimé

Fichier supprimé: C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
Fichier supprimé: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Dossier supprimé: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Mozilla\FireFox\Profiles\swse1aww.default\extensions\toolbar@ask.com
Dossier supprimé: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\AskToolbar
Dossier supprimé: C:\Program Files\Application Updater
Dossier supprimé: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Search Settings

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Mozilla\FireFox\Profiles\swse1aww.default\Prefs.js --
Ligne supprimée:
Ligne supprimée:
Ligne supprimée: user_pref("extensions.asktb.cbid", "NL");
Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
Ligne supprimée: user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
Ligne supprimée: user_pref("extensions.asktb.l", "dis");
Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1288330862972");
Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne supprimée: user_pref("extensions.asktb.o", "14300");
Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
Ligne supprimée: user_pref("extensions.asktb.r", "6");
Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", true);
Ligne supprimée: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,...
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé supprimée: HKLM\Software\Classes\CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}
Clé supprimée: HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
Clé supprimée: HKLM\Software\Classes\CLSID\{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}
Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé supprimée: HKLM\Software\Application Updater
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\Search Settings
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\AskToolbar
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\Search Settings
Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.12 (fr)] **

-- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Mozilla\FireFox\Profiles\swse1aww.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur.NOM-FB9B15D2723\\Bureau
browser.startup.homepage, hxxp://www.google.fr/
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://r.orange.fr/r?ref=O_toolbar32_hook_syntaxError&url=http%3A//rws.search.ke.voila.fr/RW/A/O_toolbar31?...

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 165 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 30/10/2010 (2392 Octet(s))

Fin à: 09:39:04, 30/10/2010

============== E.O.F ==============

Relance Ad-Remover et choisis Désinstaller.

Tu as refait un scan avec MBAM à jour ?

Bonjour, j'ai bien désinstaller.

Voici l'alerte par Antivir du virus principal en question que j'ai reçu hier une fois de plus :

"Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP279\A0301467.dll'
un virus ou un programme indésirable 'TR/Lukicsel.G.1' [trojan] a été détecté."

Et je viens de recevoir en ce moment même en démarrant mon ordinateur une nouvelle alerte d'Antivir d'un autre virus :

"C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010\taskmgr.dll'
un virus ou un programme indésirable 'TR/Crypt.ZPACK.Gen' [trojan] a été détecté.
Action exécutée : Déplacer le fichier en quarantaine"

J'ai aussi des alertes de soit disant outils de protections de virus d'un soit disant faux antivirus "Antivirus 2010" ou je ne sais quoi.

Je lance un scan complet avec MBAM à jour en mode sans échecs et je poste le rapport.

RE, voici le rapport de MBAM après scan :

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 5004

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

31/10/2010 11:22:56
mbam-log-2010-10-31 (11-22-56).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 363143
Temps écoulé: 4 heure(s), 9 minute(s), 25 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 18

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9nahweuwvobn (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus 2010 (Rogue.AntiVirusStudio2010) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\0.6807690190969035 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reportingmicrosoft (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reportingdwintl20 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\YouTube Downloader Toolbar\FF\components\youtubedownloaderToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temp\m.210.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010\AntiVirus_Studio_2010.exe (Rogue.AntiVirusStudio2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temp\0.6807690190969035.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\fichiers communs\microsoft shared\DW\1081\reportingdwintl20.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010\securityhelper.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temp\0.33088679052329706.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Electronic Arts\EADM\EADMEADMInstaller.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\QuickTimeQuickTime7.6.6.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\YouTube Downloader Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files\YouTube Downloader Toolbar\FF\components\youtubedownloaderToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spool\prtprocs\w32x86\sKU5m.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\Activate AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\Help AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\How to Activate AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\shimg.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.

J'ai encore les défauts de bars et le problème audio, apparemment c'est du à l'erreur Generic Host Process for Win32 Services que je reçois souvent, mais que je n'avais pas avant ces virus.

Donc j'ai essayer des solutions que j'ai vu, chose que je n'aurais pas du faire ... J'ai désactivé le Client DNS via Services.msc mais sans succès, Ad-Remover, réparation du système avec sfc /scannow via exécuter.

Dans la réparation du système, des fichiers n'ont pas été reconnus et certains remplacés, on m'a demandé d'insérer le CD de Windows service pack 3, je ne savais pas qu'un tel CD existait puisque j'ai téléchargé le service pack 3 gratuitement et légalement sur Windows Update.

Et là catastrophe ... Après le redémarrage, l'interface est atroce, tout est redimensionné, une résolution des plus basses. En allant dans les propriétés et options, impossible de changer la résolution, pixels et couleurs, elle est fixé à la plus basse et pas d'autres options disponible.
Je panique je ne sais pas quoi faire.

Voilà à quoi ça ressemble avec les erreurs :

http://img442.imageshack.us/img442/5453/erreur01.jpg

http://img255.imageshack.us/img255/5014/erreur02.jpg

C'est un problème de pilote.

Afin d'en connaître un peu plus sur ta config', fais ce qui suit :

Télécharge et installe Everest Ultimate.

Lance-le, va dans Ordinateur puis Résumé et donne-moi le résumé. Pour prendre le résumé, utilise la fonction Rapport en haut de ton écran :



PS : supprime ton adresse mail si elle apparaît dans le rapport.

Bonjour, encore merci de ton aide, voici le rapport :

--------[ EVEREST Ultimate Edition ]------------------------------------------------------------------------------------

Version EVEREST v4.50.1330/fr
Module de benchmark 2.3.224.0
Site web http://www.lavalys.com/
Type de rapport Rapport rapide [ TRIAL VERSION ]
Ordinateur NOM-FB9B15D2723
Générateur HP_Administrateur
Système d'exploitation Microsoft Windows XP Media Center Edition 5.1.2600 (WinXP Retail)
Date 2010-11-01
Heure 08:17


--------[ Résumé ]------------------------------------------------------------------------------------------------------

Ordinateur:
Type de système PC multiprocesseur ACPI
Système d'exploitation Microsoft Windows XP Media Center Edition
Service Pack du système [ TRIAL VERSION ]
Internet Explorer 8.0.6001.18702
DirectX 4.09.00.0904 (DirectX 9.0c)
Nom du système NOM-FB9B15D2723
Nom de l'utilisateur HP_Administrateur
Domaine de connexion [ TRIAL VERSION ]
Date / Heure 2010-11-01 / 08:17

Carte mère:
Type de processeur DualCore AMD Athlon 64 X2, 2000 MHz (10 x 200) 3800+
Nom de la carte mère MSI Amethyst-M
Chipset de la carte mère ATI Radeon Xpress 200/1100/1150, AMD Hammer
Mémoire système [ TRIAL VERSION ]
DIMM1: Micron Tech. 16VDDT6464AY-40BG6 512 Mo PC3200 DDR SDRAM (3.0-3-3-8 @ 200 MHz) (2.5-3-3-7 @ 166 MHz) (2.0-2-2-6 @ 133 MHz)
DIMM2: Micron Tech. 16VDDT6464AY-40BG6 [ TRIAL VERSION ]
Type de BIOS Award (01/12/06)
Port de communication Port imprimante ECP (LPT1)

Moniteur:
Carte vidéo Radeon X1300/X1550 Series Secondary (256 Mo)
Carte vidéo Radeon X1300/X1550 Series (256 Mo)
Accélérateur 3D ATI Radeon X1300 LE / X1550 (RV515)
Moniteur HP VS19 [19" LCD] (CNC551240R)

Multimédia:
Carte audio Realtek ALC658 @ ATI SB400 - AC'97 Audio Controller

Stockage:
Contrôleur IDE Contrôleur IDE standard double canal PCI
Contrôleur IDE Contrôleur IDE standard double canal PCI
Contrôleur de stockage ASANRDAZ IDE Controller
Disque dur Generic USB CF Reader USB Device
Disque dur Generic USB MS Reader USB Device
Disque dur Generic USB SD Reader USB Device
Disque dur Generic USB SM Reader USB Device
Lecteur optique LEV 7KDMB8X2VGL SCSI CdRom Device
Lecteur optique TSSTcorp CD/DVDW TS-H552D (DVD+R9:2.4x, DVD+RW:16x/4x, DVD-RW:12x/4x, DVD-ROM:16x, CD:40x/32x/48x DVD+RW/DVD-RW)
État des disques durs SMART Inconnu

Partitions:
C: (NTFS) [ TRIAL VERSION ]
D: (FAT32) 7162 Mo (1779 Mo libre)
Taille totale [ TRIAL VERSION ]

Entrée:
Clavier HP PS2 Keyboard (2K - 3)
Souris Souris HID

Réseau:
Adresse IP principale [ TRIAL VERSION ]
Adresse MAC principale 00-18-E7-80-E1-77
Carte réseau Realtek RTL8139/810x Family Fast Ethernet NIC
Carte réseau TG123g USB Wireless Adapter (192. [ TRIAL VERSION ])

Périphériques:
Imprimante Fax
Imprimante HP Photosmart 3200 series
Imprimante HP remote printers
Imprimante Microsoft XPS Document Writer
Contrôleur FireWire VIA VT6307 Fire IIM IEEE1394 Host Controller (PHY: VIA VT6307)
Contrôleur USB1 ATI SB400 - USB Controller
Contrôleur USB1 ATI SB400 - USB Controller
Contrôleur USB2 ATI SB400 - USB 2.0 Controller
Périphérique USB Périphérique de stockage de masse USB
Périphérique USB Périphérique d'interface utilisateur USB
Périphérique USB TG123g USB Wireless Adapter

DMI:
Distributeur du BIOS Phoenix Technologies, LTD
Version du BIOS 3.43
Fabricant du système HP Pavilion 061
Nom du système EP239AA-ABF m7355.fr
Version du système 0qm0114RE101AMETM00
Numéro de série du système [ TRIAL VERSION ]
UUID du système [ TRIAL VERSION ]
Fabricant de la carte mère MSI
Nom de la carte mère AMETHYST-M
Version de la carte mère 1.0
Numéro de série de la carte mère [ TRIAL VERSION ]
Fabricant du châssis Hewlett-Packard
Version du châssis
Numéro de série du châssis [ TRIAL VERSION ]
Identifiant du châssis [ TRIAL VERSION ]
Type du châssis Desktop Case
Sockets mémoire (Total/Libres) 4 / 2


--------[ Debug - PCI ]-------------------------------------------------------------------------------------------------

B00 D00 F00: ATI Radeon Xpress 200/1600 (RD480/RS480/RS482/RS485/RX480/RX482) Chipset - Host Bridge

Offset 000: 02 10 50 59 06 00 20 22 10 00 00 06 00 40 00 00
Offset 010: 00 00 00 00 00 00 00 00 01 41 00 00 04 00 00 E0
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 C4 00 00 00 00 00 00 00 00 00 00 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 42 20 06 00
Offset 050: 3C 10 24 2A 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 7F 00 00 00 00 00 00 00 00 00 00 00 28 00 73 06
Offset 070: E0 08 00 00 00 00 00 00 00 00 00 00 00 00 00 10
Offset 080: 10 0B 00 02 94 10 00 03 20 00 00 00 05 25 00 00
Offset 090: 00 00 00 40 45 CA 45 EC 00 00 00 00 01 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 08 00 80 01 60 00 11 11 D0 00 00 00
Offset 0D0: 25 06 65 00 02 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 FF FF FF FF 5F 00 00 00 00 00 80 00
Offset 0F0: 00 00 00 00 00 80 80 00 03 00 00 00 00 00 40 01

B00 D02 F00: ATI PCI Express Root Port

Offset 000: 02 10 34 5A 07 00 10 00 00 00 04 06 08 00 01 00
Offset 010: 00 00 00 00 00 00 00 00 00 01 01 00 E1 E1 00 20
Offset 020: D0 FD D0 FD 01 D0 F1 DF 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 FF 00 0A 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 01 58 03 C8 00 00 00 00 10 80 41 00 20 00 00 00
Offset 060: 10 08 00 00 01 0D 00 00 00 00 01 11 00 00 00 00
Offset 070: C0 03 48 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 05 B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 0D B8 00 00 02 10 50 59 08 00 03 A8 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: A2 00 00 00 66 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D12 F00: ATI SB400 - SATA Controller

Offset 000: 02 10 79 43 07 00 B0 02 00 8F 01 01 08 40 00 00
Offset 010: 01 FE 00 00 01 FD 00 00 01 FC 00 00 01 FB 00 00
Offset 020: 01 FA 00 00 00 F0 02 FE 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 60 00 00 00 00 00 00 00 16 01 00 00
Offset 040: 00 00 00 00 02 00 0C 02 00 00 00 00 00 00 00 00
Offset 050: 05 00 00 00 00 00 00 00 00 00 00 00 0E 23 00 00
Offset 060: 01 50 22 06 00 40 00 64 02 10 00 00 00 00 00 00
Offset 070: 00 00 00 00 F8 FE D3 06 08 00 20 00 00 00 00 00
Offset 080: 22 00 00 00 22 00 00 00 00 00 01 00 47 DE 97 CB
Offset 090: 49 6E 66 50 49 6E 66 50 49 6E 66 50 49 6E 66 50
Offset 0A0: 01 21 15 65 DD 62 DD 62 92 43 92 43 09 40 09 40
Offset 0B0: 01 21 15 65 DD 62 DD 62 92 43 92 43 09 40 09 40
Offset 0C0: 00 00 00 00 49 6E 66 50 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D13 F00: ATI SB400 - USB Controller

Offset 000: 02 10 74 43 07 00 B0 02 00 10 03 0C 08 40 80 00
Offset 010: 00 E0 02 FE 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 D0 00 00 00 00 00 00 00 13 01 00 00
Offset 040: 80 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D13 F01: ATI SB400 - USB Controller

Offset 000: 02 10 75 43 07 00 B0 02 00 10 03 0C 08 40 00 00
Offset 010: 00 D0 02 FE 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 D0 00 00 00 00 00 00 00 13 01 00 00
Offset 040: 80 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00
Offset 050: 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D13 F02: ATI SB400 - USB 2.0 Controller

Offset 000: 02 10 73 43 07 00 B0 02 00 20 03 0C 08 40 00 00
Offset 010: 00 C0 02 FE 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 DC 00 00 00 00 00 00 00 13 01 00 00
Offset 040: 80 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00
Offset 050: 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 20 20 00 00 00 20 00 00 00 20 00 00 00 20 00 00
Offset 070: 00 20 00 00 00 20 00 00 00 20 00 00 00 20 00 00
Offset 080: 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 05 00 00 00 00 00 00 00 00 00 00 00 01 D0 02 7E
Offset 0E0: 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D14 F00: ATI SB400 - SMBus Controller

Offset 000: 02 10 72 43 03 00 30 02 11 00 05 0C 00 00 80 00
Offset 010: 01 05 00 00 00 B0 02 FE 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 B0 00 00 00 00 00 00 00 00 00 00 00
Offset 040: D0 A1 00 00 00 00 00 00 0F FF 00 00 00 00 00 00
Offset 050: FF 03 00 00 FF 03 00 00 00 00 00 00 00 00 00 00
Offset 060: 01 00 04 00 BF B9 9E 8F 00 90 00 00 20 00 00 00
Offset 070: 00 00 00 00 08 00 C0 FE FF 4E 00 00 00 00 00 00
Offset 080: 0F 0B 00 00 00 00 00 00 00 00 00 00 8C 00 00 80
Offset 090: 01 05 00 00 FB DE FF 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 FF FF FF FF 00 00 00 3F 03 00 C0 0B 00 F9
Offset 0B0: 08 00 02 A8 00 00 00 00 00 00 00 00 F0 0F 00 00
Offset 0C0: FF B7 E9 FF 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: D8 0C 00 00 00 41 00 00 00 00 00 00 00 00 00 00

B00 D14 F01: ATI SB400 - IDE Controller

Offset 000: 02 10 76 43 05 00 30 02 00 8A 01 01 00 40 00 00
Offset 010: 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00
Offset 020: 01 F8 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 70 00 00 00 00 00 00 00 FF 01 00 00
Offset 040: 99 99 99 20 FF FF FF FF 00 00 00 04 00 00 00 00
Offset 050: 00 00 00 00 04 00 00 02 00 00 00 00 00 00 00 00
Offset 060: 00 00 40 01 10 2C 46 18 01 00 00 00 FF FF 0F 00
Offset 070: 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D14 F03: ATI SB400 - PCI-ISA Bridge

Offset 000: 02 10 77 43 0F 00 20 02 00 00 01 06 00 00 80 00
Offset 010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 040: 04 00 00 00 41 00 00 FC BF FF 00 00 00 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 08 00 00 0E 00 0F 00 F8 FF FF FF
Offset 070: 67 45 23 01 00 00 00 00 01 00 00 00 00 00 00 00
Offset 080: 08 00 03 A8 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D14 F04: ATI SB400 - PCI-PCI Bridge

Offset 000: 02 10 71 43 07 00 A0 02 00 01 04 06 00 40 81 00
Offset 010: 00 00 00 00 00 00 00 00 00 02 02 20 D1 D1 80 22
Offset 020: C0 FD C0 FD E0 FD E0 FD 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00
Offset 040: 26 00 3C FF 00 00 00 00 04 01 3F F1 00 00 00 00
Offset 050: 01 00 00 00 08 00 03 A8 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 06
Offset 0E0: 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D14 F05: ATI SB400 - AC'97 Audio Controller

Offset 000: 02 10 70 43 07 00 30 04 02 00 01 04 08 40 80 00
Offset 010: 00 A0 02 FE 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 25 2A
Offset 030: 00 00 00 00 40 00 00 00 00 00 00 00 11 02 02 00
Offset 040: 05 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D18 F00: AMD Hammer - HyperTransport Technology Configuration

Offset 000: 22 10 00 11 00 00 10 00 00 00 00 06 00 00 80 00
Offset 010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 80 00 00 00 00 00 00 00 00 00 00 00
Offset 040: 01 01 01 00 01 01 01 00 01 01 01 00 01 01 01 00
Offset 050: 01 01 01 00 01 01 01 00 01 01 01 00 01 01 01 00
Offset 060: 00 00 01 00 E4 00 00 00 20 C8 20 0F 0C 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 08 00 01 21 20 00 11 11 22 06 75 80 02 00 00 00
Offset 090: 56 04 51 02 00 00 02 00 07 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D18 F01: AMD Hammer - Address Map

Offset 000: 22 10 01 11 00 00 00 00 00 00 00 06 00 00 80 00
Offset 010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 040: 03 00 00 00 00 00 3F 00 00 00 00 00 01 00 00 00
Offset 050: 00 00 00 00 02 00 00 00 00 00 00 00 03 00 00 00
Offset 060: 00 00 00 00 04 00 00 00 00 00 00 00 05 00 00 00
Offset 070: 00 00 00 00 06 00 00 00 00 00 00 00 07 00 00 00
Offset 080: 03 0A 00 00 00 0B 00 00 00 00 00 00 00 00 00 00
Offset 090: 03 00 40 00 80 FF DF 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 03 00 F0 00 00 02 FE 00
Offset 0B0: 03 00 E0 00 80 2F E0 00 00 00 00 00 00 00 00 00
Offset 0C0: 13 D0 00 00 00 F0 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 03 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D18 F02: AMD Hammer - DRAM Controller

Offset 000: 22 10 02 11 00 00 00 00 00 00 00 06 00 00 80 00
Offset 010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 040: 01 00 00 00 01 10 00 00 00 00 00 00 00 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 EE E0 03 00 EE E0 03 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 04 00 00 00 00 00 00 00 42 35 82 13 21 0B 00 00
Offset 090: 80 8E 05 38 07 07 7B 06 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 2B 67 94 08 02 00 00 00 BF 0D 59 54 AF 74 CF 5F
Offset 0C0: 00 80 02 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 75 26 03 81 4E A2 32 1A B5 37 FB 42 A2 90 32 F7
Offset 0E0: 76 06 57 D0 C9 88 F5 8D FE 8A 66 1E 8C 3D D9 4C
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B00 D18 F03: AMD Hammer - Miscellaneous Control

Offset 000: 22 10 03 11 00 00 00 00 00 00 00 06 00 00 80 00
Offset 010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 040: FF 3B 00 00 40 00 00 08 00 00 00 00 00 00 00 00
Offset 050: 90 77 93 F3 EF 00 00 00 00 00 00 00 80 98 ED F3
Offset 060: 7D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 11 01 02 51 11 80 00 50 00 38 00 08 1B 22 00 00
Offset 080: 00 00 07 23 13 21 13 21 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 60 58 00 00 90 38 30 F2 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 36 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 01 A7 0D 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 20 0D 63 12 19 11 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B01 D00 F00: ATI Radeon X1300 LE / X1550 (RV515) Video Adapter

Offset 000: 02 10 46 71 07 00 10 00 00 00 00 03 08 00 80 00
Offset 010: 0C 00 00 D0 00 00 00 00 04 00 DF FD 00 00 00 00
Offset 020: 01 EF 00 00 00 00 00 00 00 00 00 00 62 14 70 04
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 12 01 00 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 62 14 70 04
Offset 050: 01 58 02 06 00 00 00 00 10 80 01 00 A0 0F 00 00
Offset 060: 10 08 0B 00 01 0D 00 00 00 00 01 11 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 05 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B01 D00 F01: ATI Radeon X1300 LE / X1550 (RV515) - Secondary Video Adapter

Offset 000: 02 10 66 71 07 00 10 00 00 00 80 03 08 00 00 00
Offset 010: 04 00 DE FD 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 62 14 71 04
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 FF 00 00 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 01 58 02 06 00 00 00 00 10 00 01 00 80 0F 00 00
Offset 060: 00 00 00 00 01 0D 00 00 00 00 01 11 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B02 D00 F00: Philips SAA7134 PCI AV Decoder

Offset 000: 31 11 34 71 06 00 90 02 01 00 80 04 00 40 00 00
Offset 010: 00 F0 CF FD 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 43 10 60 48
Offset 030: 00 00 00 00 40 00 00 00 00 00 00 00 14 01 54 20
Offset 040: 01 00 01 06 00 20 00 1C 00 00 00 00 00 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B02 D03 F00: Realtek RTL8139 PCI Fast Ethernet Adapter [A/B/C]

Offset 000: EC 10 39 81 05 00 90 02 10 00 00 02 00 40 00 00
Offset 010: 01 F9 00 00 00 E0 CF FD 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 14 01 20 40
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 01 00 C2 F7 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

B02 D04 F00: VIA VT6307 Fire IIM IEEE1394 Host Controller

Offset 000: 06 11 44 30 07 00 10 02 80 10 00 0C 08 40 00 00
Offset 010: 00 D0 CF FD 01 DE 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 3C 10 24 2A
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 15 01 00 20
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 01 00 02 E4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

PCI-1002-5950: ATI ClkConfig

Offset 00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 30: 00 00 00 00 00 00 00 00 00 00 00 00 01 70 17 00
Offset 40: 01 00 00 00 FF 7F 44 00 00 00 00 00 00 00 00 00
Offset 50: 21 60 04 00 21 60 04 00 00 00 00 00 53 98 05 02
Offset 60: 00 00 00 2F 00 50 A0 F0 00 F0 02 00 80 00 00 00
Offset 70: 00 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00
Offset 80: 00 00 00 00 00 00 00 00 00 00 00 00 00 7F 04 00
Offset 90: 00 00 00 00 9E FF FF 73 00 00 00 1A E0 17 40 00
Offset A0: 00 00 80 C3 00 00 00 00 00 00 00 00 00 00 00 00
Offset B0: 00 00 00 00 00 00 00 00 00 00 00 00 FF FF 10 00
Offset C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08
Offset D0: 00 00 00 00 6C 7B 00 00 10 00 00 00 00 00 00 00
Offset E0: 00 00 4D 07 00 00 00 00 00 00 00 07 00 00 00 00
Offset F0: 00 00 00 00 00 00 00 00 00 0F 00 00 00 00 00 00

PCI-1002-5950: ATI RC410/RD400/RS4xx/RX4xx NBMCIND

Offset 00: 00000300 00000322 10A10000 00000006
Offset 04: 00000000 00000000 00000000 00000000
Offset 08: 00000000 00000000 00000000 00000000
Offset 0C: 00000000 00000000 00000000 00000000
Offset 10: 08881018 0000F09A 9999AAAA 00000000
Offset 14: FFFF0000 00000000 00000000 00000000
Offset 18: 00001000 00000000 00000020 00000000
Offset 1C: 00054204 00000000 00000000 FFDD0000
Offset 20: 00000000 00000000 00000000 00000000
Offset 24: 00000000 00000000 00000000 00000000
Offset 28: 00000000 00000000 00000000 00000000
Offset 2C: 00000000 00000010 00000000 00000000
Offset 30: 00000000 00000000 00000007 103FDA40
Offset 34: 00000001 00000007 00000002 00000003
Offset 38: 00000000 01400000 00000000 00000000
Offset 3C: 00000000 0009A09A 00000000 0000F0F0
Offset 40: 00000000 00000000 00000000 00000000
Offset 44: 00000000 52800000 00000000 81000000
Offset 48: 00000000 50000000 00000000 00000000
Offset 4C: 00000000 00000000 00000000 0009A09A
Offset 50: 00000000 0000F0F0 9999AAAA 00000000
Offset 54: FFFF0000 00000000 00000000 00000000
Offset 58: 00000000 00000000 00000000 00000000
Offset 5C: 00000000 00000000 00000000 00800000
Offset 60: 00000000 00000000 00000000 00000001
Offset 64: 04000001 08000001 0C000001 10000000
Offset 68: 10000000 10000000 10000000 03E0FE00
Offset 6C: 03E0FE00 03E0FE00 03E0FE00 3FE0FE00
Offset 70: 3FE0FE00 3FE0FE00 3FE0FE00 40000055
Offset 74: 00177000 1016000B 003000B0 000E0008
Offset 78: 01E2EE2A 00000000 0000015F 00200020
Offset 7C: 001FFFC7 00080808 00400004 00000000


--------[ Debug - Video BIOS ]------------------------------------------------------------------------------------------

C000:0000 U...o...................0.....IBMM.............. 761295520......
C000:0040 ??..............09/29/05 18:35..9....+...H.........\Ahb.p.Fq....
C000:0080 113-A67608-107.S\13.RV515.PCI_EXPRESS.DDR2...RV515LE 102-A67608-
C000:00C0 10 A12 Infineon DDR2 BIOS 450e/400m Channel AB .......
C000:0100 ................................................................
C000:0140 ................................................................
C000:0180 ........(C) 1988-2005, ATI Technologies Inc. .ATOMBIOSBK-ATI VER
C000:01C0 009.011.001.004.015494.13A67608.107.215156 .15494 .BIOS .B
C000:0200 R15494.H....$...ATOM......U...T.....b.p.0.......PCIR..Fq........
C000:0240 ........ATI ATOMBIOS.5.............|.....F....h....... ........
C000:0280 ...fPfQfRfSfUfVfW...... .f........f.2..."...&..&.....f......,..4
C000:02C0 .t.f.\.f.L.;.u...f.^.f.N..........SfPV....>....f=....r.f.....f-.
C000:0300 P...,..4.t.f.D..^fX[.....f......9..\.....3&.w...a.Db.,..4.t..LP.
C000:0340 ....!.f.....& ...fP... .. .....fXt.. f..D....f_f^f]f[fZfYfX.....
C000:0380 .U......F.f3..F....F..R.....d<Z....]..>...u.............f....e..
C000:03C0 ...@.T...B.....T.......|..k..~.....-o.........d.............d..e


------------------------------------------------------------------------------------------------------------------------

The names of actual companies and products mentioned herein may be the trademarks

Installe ceci :
ftp://ftp.hp.com/pub/softlib/software7/COL16130/pv-4270...

Et ceci :
http://www.commentcamarche.net/download/telecharger-340...

Bonsoir, merci à toi.

Tout est revenu à la normale niveau résolution et interface.
Par contre niveau audio j'ai toujours le déséquilibre des balances, avec presque plus de 90% du son à droite et j'ai encore l'erreur Généric Host Process for Win32 Services.

Par ailleurs, aujourd'hui je n'ai pas spécialement navigué et j'ai reçu une nouvelle alerte de menace de virus par Antivir, là voilà :

"Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP285\A0321583.dll'
un virus ou un programme indésirable 'TR/Alureon.EC.79' [trojan] a été détecté."

Relance MBAM, va dans Quarantaine et supprime tout.

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Réponds Oui au message d'avertissement pour que ComboFix commence l'analyse de ton PC.

Il va te demander d'installer la console de récupération : accepte.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

Bonsoir, l'exécution et le déroulement de ComFix s'est déroulé avec succès.

Il a repéré la présence de Rootkit, dans C:\WINDOWS\system32\Drivers\sptd.sys

Seulement le rapport est apparu et mon ordinateur a planté, du coup je ne sais pas du tout où se trouve ce rapport.

Le rapport se trouve à la racine de ton disque dur (dans C:\).

Bonjour, merci, voici le rapport (J'ai essayé plusieurs fois de désactivé les Smilies en éditant mais je n'ai pas réussit, j'espère que ça reste quand même compréhensible) :


ComboFix 10-11-01.05 - HP_Administrateur 02/11/2010 21:05:34.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.632 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\sFX
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\run.log
c:\windows\ST6UNST.000

Une copie infectée de c:\windows\system32\Drivers\sptd.sys a été trouvée et désinfectée
Copie restaurée à partir de - Kitty ate it  
Une copie infectée de c:\windows\system32\Drivers\sptd.sys a été trouvée et désinfectée
Copie restaurée à partir de - Kitty had a snack  
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-02 au 2010-11-02 ))))))))))))))))))))))))))))))))))))
.

2010-11-01 21:06 . 2006-08-01 14:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2010-11-01 07:15 . 2010-11-01 07:15 -------- d-----w- c:\program files\Lavalys
2010-10-31 11:26 . 2010-10-31 11:26 -------- d-----w- c:\program files\Ad-Remover
2010-10-31 11:19 . 2008-04-14 03:33 116736 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-10-31 11:19 . 2001-08-23 16:47 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-10-31 11:19 . 2008-04-14 03:33 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-10-31 11:19 . 2001-08-23 16:47 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-10-31 11:19 . 2001-08-23 16:47 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-10-31 11:19 . 2001-08-23 16:47 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-10-31 11:19 . 2001-08-17 19:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-10-31 11:18 . 2004-08-03 22:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-10-31 11:18 . 2004-08-03 22:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-10-31 11:18 . 2008-04-14 03:33 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-10-31 11:18 . 2008-04-13 19:36 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-10-31 11:18 . 2004-08-03 22:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-10-31 11:16 . 2001-08-17 20:28 604253 ----a-w- c:\windows\system32\dllcache\vmodem.sys
2010-10-31 11:15 . 2001-08-23 16:47 70144 ----a-w- c:\windows\system32\dllcache\umaxu12.dll
2010-10-31 11:14 . 2001-08-23 16:46 43520 ----a-w- c:\windows\system32\dllcache\tp4res.dll
2010-10-31 11:13 . 2001-08-17 21:07 32640 ----a-w- c:\windows\system32\dllcache\symc8xx.sys
2010-10-31 11:12 . 2001-08-23 16:47 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll
2010-10-31 11:11 . 2001-08-23 16:47 45568 ----a-w- c:\windows\system32\dllcache\smb3w.dll
2010-10-31 11:10 . 2001-08-17 19:51 98080 ----a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2010-10-31 11:09 . 2001-08-23 16:46 179264 ----a-w- c:\windows\system32\dllcache\s3sav3d.dll
2010-10-31 11:08 . 2001-08-17 20:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2010-10-31 11:07 . 2001-08-17 20:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
2010-10-31 11:06 . 2001-08-23 16:47 42496 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2010-10-31 11:05 . 2001-08-17 19:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-10-31 11:04 . 2001-08-17 19:50 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-10-31 11:03 . 2001-08-17 20:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2010-10-31 11:02 . 2001-08-17 19:49 22848 ----a-w- c:\windows\system32\dllcache\lwusbhid.sys
2010-10-31 11:01 . 2001-08-17 20:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
2010-10-31 11:00 . 2001-08-17 19:12 109085 ----a-w- c:\windows\system32\dllcache\ibmtrp.sys
2010-10-31 10:59 . 2001-08-17 20:52 5760 ----a-w- c:\windows\system32\dllcache\hpt4qic.sys
2010-10-31 10:58 . 2001-08-17 19:15 454912 ----a-w- c:\windows\system32\dllcache\fxusbase.sys
2010-10-31 10:57 . 2001-08-17 19:19 72192 ----a-w- c:\windows\system32\dllcache\es1969.sys
2010-10-31 10:56 . 2008-04-13 19:39 206976 ----a-w- c:\windows\system32\dllcache\dot4.sys
2010-10-31 10:55 . 2004-08-03 22:32 48640 ----a-w- c:\windows\system32\dllcache\cwrwdm.sys
2010-10-31 10:54 . 2001-08-23 16:02 14080 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-10-31 10:53 . 2001-08-17 20:52 22400 ----a-w- c:\windows\system32\dllcache\asc3350p.sys
2010-10-31 10:50 . 2001-08-23 16:46 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-10-29 05:28 . 2010-10-29 05:28 -------- d-----w- C:\dad6f7f8131c70e72f755a
2010-10-29 05:28 . 2010-10-29 05:28 -------- d-----w- C:\d495894268023df576850f2c27
2010-10-28 05:38 . 2010-10-28 05:40 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\TeamViewer
2010-10-28 05:38 . 2010-10-28 05:38 -------- d-----w- c:\program files\TeamViewer
2010-10-28 01:55 . 2010-10-28 01:55 -------- d-----w- C:\51d0ad7516ec80629e91
2010-10-28 01:55 . 2010-10-28 01:55 -------- d-----w- C:\8c9cb3e37601f4bc8865223d93
2010-10-22 05:35 . 1998-06-23 23:00 164144 ----a-w- c:\windows\system32\COMCT232.OCX
2010-10-22 05:35 . 2005-03-11 16:37 1986560 ----a-w- c:\windows\system32\AudFile.dll
2010-10-22 05:35 . 2005-03-10 15:00 454656 ----a-w- c:\windows\system32\AudioRecord.dll
2010-10-22 05:35 . 2005-02-24 14:21 458752 ----a-w- c:\windows\system32\AudPlayer.dll
2010-10-22 05:35 . 2005-02-24 11:11 479232 ----a-w- c:\windows\system32\AudioVisu.dll
2010-10-22 05:35 . 2005-02-24 11:11 1212416 ----a-w- c:\windows\system32\AudioInfos.dll
2010-10-22 05:35 . 2005-02-24 11:10 417792 ----a-w- c:\windows\system32\AudDisplay.dll
2010-10-22 05:35 . 2005-02-24 11:10 2084864 ----a-w- c:\windows\system32\AudDesign.dll
2010-10-22 05:35 . 1998-07-12 22:00 21504 ----a-w- c:\windows\system32\TABCTFR.DLL
2010-10-22 05:35 . 1998-07-12 22:00 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2010-10-22 05:35 . 2010-10-22 05:35 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\FreeAudioPack
2010-10-21 21:36 . 2010-10-28 23:40 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\skypePM
2010-10-21 21:29 . 2010-10-21 21:29 -------- d-----w- c:\program files\Fichiers communs\Skype
2010-10-21 21:29 . 2010-10-21 21:30 -------- d-----r- c:\program files\Skype
2010-10-21 21:29 . 2010-11-02 01:09 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Skype
2010-10-21 21:29 . 2010-10-21 21:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-10-21 18:12 . 2010-10-21 18:12 -------- d-----w- c:\documents and settings\NetworkService\Application Data\AdobeUM
2010-10-15 17:53 . 2010-10-15 17:53 -------- d-----w- C:\temp

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-17 13:17 . 2004-08-10 19:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-04-10 17:26 . 2008-12-17 10:02 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-03-28 3325952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2010-04-28 2633976]
"MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2009-08-04 684032]
"ManyCam"="c:\program files\ManyCam\Bin\ManyCam.exe" [2010-06-24 1680680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"ftutil2"="ftutil2.dll" [2004-06-07 106496]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-01-11 246504]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"PCDrProfiler"="" [BU]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-02 180269]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-03 135920]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BDARemote.lnk - c:\program files\USB TV\EM28XX\BDARemote.exe [2010-6-27 81997]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-2-22 495432]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Documents and Settings\\HP_Administrateur.NOM-FB9B15D2723\\Bureau\\Left 4 Dead 2\\Left 4 Dead 2.0.0.6 - Full FR - HamachiFrance\\srcds.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Documents and Settings\\HP_Administrateur.NOM-FB9B15D2723\\Bureau\\Left 4 Dead 2\\Left 4 Dead 2.0.0.6 - Full FR - HamachiFrance\\left4dead2.exe"=
"c:\\Program Files\\Orange\\Connexion Internet Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\World of Warcraft\\Repair.exe"=
"c:\\Program Files\\LittleFighter2\\LF2_v2.0a\\lf2.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\adslTV\\VLC\\vlc.exe"=
"c:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [09/06/2010 19:12 691696]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [14/02/2010 18:41 108289]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [02/01/2005 16:47 2799488]
R3 RTL8187B;TG123g USB Wireless Adapter;c:\windows\system32\drivers\RTL8187B.sys [29/07/2010 18:43 264576]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [06/04/2009 12:19 23064]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [01/11/2010 08:15 23152]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [20/06/2005 10:12 215040]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
.
Contenu du dossier 'Tâches planifiées'

2010-10-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

2010-09-15 c:\windows\Tasks\debutDowngrade.job
- c:\program files\NCH Software\Debut\debut.exe [2010-08-11 21:29]

2010-10-03 c:\windows\Tasks\debutShakeIcon.job
- c:\program files\NCH Software\Debut\debut.exe [2010-08-11 21:29]

2010-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 23:23]

2010-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 23:23]

2010-10-22 c:\windows\Tasks\prismDowngrade.job
- c:\program files\NCH Software\Prism\prism.exe [2010-08-11 21:14]

2010-10-22 c:\windows\Tasks\prismShakeIcon.job
- c:\program files\NCH Software\Prism\prism.exe [2010-08-11 21:14]
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = hxxp://configuration.adsl/
IE: &Traduire à partir de l'anglais - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Recherche &Google - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} - hxxp://webtv.guidetv.orange.fr/resources/OCS_9418.cab
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files\Audacity 1.3 Beta (Unicode)\unins000.exe
AddRemove-CounterStrike 1.6 from VSI (Version 1.02) - c:\progra~1\Valve\CSTRIK~1.6\UNWISE.EXE
AddRemove-Halo - c:\program files\Microsoft Games\Halo\UNINSTAL.EXE
AddRemove-100%Naruto v2.5 - c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Bureau\Uninstal.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-02 21:24
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3250823AS rev.3.03 -> \Device\Ide\IdePort0

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86E4FEC5]<<
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x85f15872; SUB DWORD [EBP-0x4], 0x85f1512e; PUSH EDI; CALL 0xffffffffffffdf33; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86EBFAB8]
3 CLASSPNP[0xF7530FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000075[0x86EC7F18]
5 ACPI[0xF729B620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86F32D98]
[0x86F2F240] -> IRP_MJ_CREATE -> 0x86E4FEC5
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5c; }
detected hooks:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST3250823AS_____________________________3.03____#5&1e0f25ad&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
\Driver\atapi DriverStartIo -> 0x86E4FAEA
user & kernel MBR OK
sectors 488397166 (+255): user != kernel
Warning: possible TDL3 rootkit infection !

Filesystem trace:
called modules: ntkrnlpa.exe hal.dll fltmgr.sys avgntflt.sys bb-run.sys sr.sys >>UNKNOWN [0x86FD41F8]<<
_asm { MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX; PUSH 0x86fd4008; MOV EAX, 0xf72edd40; CALL EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86281D28]
3 fltmgr[0xF70F2E95] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86E31E80]
5 bb-run[0xF75447E1] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86F2CB38]
7 sr[0xF70E2870] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86F32020]
\FileSystem\Ntfs[0x86E2F4B0] -> IRP_MJ_CREATE -> 0x86FD41F8

Registry trace:
called modules: ntkrnlpa.exe spor.sys hal.dll >>UNKNOWN [0x86F878B0]<<
_asm { PUSH EBP; MOV EBP, ESP; JMP 0xfffffffff9633bd7; }

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,d7,a2,76,23,8d,5d,4f,9e,44,a6,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,d7,a2,76,23,8d,5d,4f,9e,44,a6,\

[HKEY_USERS\S-1-5-21-1383797886-225924082-2662260845-1007\Software\SecuROM\License information*]
"datasecu"=hex 2,38,21,1f,2a,0a,96,e7,cb,24,40,1a,07,6d,22,7f,94,e8,bf,02,fc,
5b,40,be,e4,78,0e,1c,41,41,f9,15,78,ac,57,0c,11,50,6e,a9,a4,f3,bf,e8,1b,33,\
"rkeysecu"=hex:4e,6f,39,48,07,71,f3,1f,b2,25,fa,e1,27,d2,09,aa

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3780)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\arservice.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\ARPWRMSG.EXE
c:\program files\ATI Technologies\ATI.ACE\CLI.EXE
c:\windows\SOUNDMAN.EXE
c:\program files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\ATI Technologies\ATI.ACE\cli.exe
c:\program files\Inventel\Gateway\wlancfg.exe
.
**************************************************************************
.
Heure de fin: 2010-11-02 21:34:46 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-02 20:34
ComboFix2.txt 2009-05-01 22:41
ComboFix3.txt 2009-04-28 18:52

Avant-CF: 7 417 741 312 octets libres
Après-CF: 9 357 025 280 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=,1,2,3,4
- - End Of File - - 6733C6B3EE89BE531635E6418F5F8512

RE, je viens de recevoir cette alerte d'Antivir à l'instant :

"Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP285\A0321583.dll'
un virus ou un programme indésirable 'TR/Alureon.EC.79' [trojan] a été détecté."

Tu as toujours des soucis ?

Bonsoir, en fait j'ai eu ça récemment :

"Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP285\A0321583.dll'
un virus ou un programme indésirable 'TR/Alureon.EC.79' [trojan] a été détecté."

Et je n'ai rien en quarantaine.

Par ailleurs j'ai toujours l'erreur Généric Host Process for Win32.

--> http://www.commentcamarche.net/faq/18103-supprimer-le-r...

Fais la manip' avec TDSSKiller.