I caught a virus or a worm that has locked up my desktop

Hi, could you paste the report?
Being infected is like an illness, there can be a relapse… It has to be watched closely!

I agree with guigui14100:
either Avira AntiVir Personal Edition or AVG Antivirus Free Edition,
or you invest in Kaspersky, Avira Premium, etc., but please, no more Avast, at least for the MOMENT!!
:hello:

Hello everyone, I ran HijackThis and here is the report; if someone can decode it and help me, that would be cool.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:26, on 16/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\WINDOWS\system32\lphcpbvj0erfl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\tavgbqdw.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\tavgbqdw.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {96EA7110-C0E2-44BF-94B1-03133A29521C} - C:\WINDOWS\system32\yayxyxyY.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {F1A97355-EA48-4031-8ADC-BBBF444E4958} - C:\WINDOWS\system32\urqNDVml.dll (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM…\Run: [NvCplDaemon] “RUNDLL32.EXE” C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] “nwiz.exe” /install
O4 - HKLM…\Run: [SkyTel] SkyTel.EXE
O4 - HKLM…\Run: [EPSON Stylus DX3800 Series] “C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE” /P26 “EPSON Stylus DX3800 Series” /O6 “USB001” /M “Stylus DX3800”
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [NvMediaCenter] “RUNDLL32.EXE” C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [XboxStat] “c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe” silentrun
O4 - HKLM…\Run: [DXM6Patch_9904] “C:\WINDOWS\p_9904.exe” /Q:A
O4 - HKLM…\Run: [NeroFilterCheck] “C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe”
O4 - HKLM…\Run: [lphcpbvj0erfl] C:\WINDOWS\system32\lphcpbvj0erfl.exe
O4 - HKLM…\Run: [SMrhctbvj0erfl] C:\Program Files\rhctbvj0erfl\rhctbvj0erfl.exe
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [Creative WebCam Tray] “C:\Program Files\Creative\Shared Files\CAMTRAY.EXE”
O4 - HKLM…\RunOnce: [Spybot - Search & Destroy] “C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe” /autocheck
O4 - HKCU…\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [smartdbchk] C:\WINDOWS\system32\kxcpctcx.exe
O4 - HKCU…\Run: [wininfo] C:\WINDOWS\system32\tavgbqdw.exe
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [Sony Ericsson PC Suite] “C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe” /systray /nologon
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM…\Policies\Explorer\Run: [XIjbUSWwQs] C:\Documents and Settings\All Users\Application Data\idqhmfal\yzefmxur.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - appldnld.apple.com.edgesuite.net…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com…
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - www.gamenext.fr…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - www.gamenext.fr…
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - dlm.tools.akamai.com…
O20 - Winlogon Notify: yayxyxyY - yayxyxyY.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal ? Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal ? Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe


End of file - 10041 bytes

Avast isn't good??? Why???

Go take a look at this: forum.malekal.com…

Did you run a scan with MBAM?

Disable your antivirus
Run a scan with ComboFix
Let it work and paste the report

[b]Hello, please fix the following suspicious lines and run the ComboFix scan as guigui14100 told you:

C:\WINDOWS\system32\lphcpbvj0erfl.exe
C:\WINDOWS\system32\tavgbqdw.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\tavgbqdw.exe
O2 - BHO: (no name) - {96EA7110-C0E2-44BF-94B1-03133A29521C} - C:\WINDOWS\system32\yayxyxyY.dll (file missing)
O2 - BHO: (no name) - {F1A97355-EA48-4031-8ADC-BBBF444E4958} - C:\WINDOWS\system32\urqNDVml.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM…\Run: [DXM6Patch_9904] “C:\WINDOWS\p_9904.exe” /Q:A
O4 - HKLM…\Run: [lphcpbvj0erfl] C:\WINDOWS\system32\lphcpbvj0erfl.exe
O4 - HKLM…\Run: [SMrhctbvj0erfl] C:\Program Files\rhctbvj0erfl\rhctbvj0erfl.exe
O4 - HKCU…\Run: [smartdbchk] C:\WINDOWS\system32\kxcpctcx.exe
O4 - HKCU…\Run: [wininfo] C:\WINDOWS\system32\tavgbqdw.exe
O4 - HKLM…\Policies\Explorer\Run: [XIjbUSWwQs] C:\Documents and Settings\All Users\Application Data\idqhmfal\yzefmxur.exe
O4 - Startup: PowerReg Scheduler.exe
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - www.gamenext.fr
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - www.gamenext.fr
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - dlm.tools.akamai.com
O20 - Winlogon Notify: yayxyxyY - yayxyxyY.dll (file missing)[/b]
Edited on 17/08/2008 at 19:56

Hello everyone,
I have a problem: I have a smitfraud-c malware. I have run several programs that find it and remove it, but it is still there.
How can I get rid of it for good? I also get a message, like a Windows error, that says trojan with a different name every time I connect. Thanks

Hi

Post a new HijackThis log

Run another scan with MBAM (after updating it)

More effective in safe mode, of course

:hello:

+1, that goes without saying :wink:
[spoiler]I always forget to mention it, though I did put it in my topic [/spoiler]

:super:
:hello:



Here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:40, on 20/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\tavgbqdw.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {96EA7110-C0E2-44BF-94B1-03133A29521C} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM…\Run: [NvCplDaemon] “RUNDLL32.EXE” C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] “nwiz.exe” /install
O4 - HKLM…\Run: [SkyTel] SkyTel.EXE
O4 - HKLM…\Run: [EPSON Stylus DX3800 Series] “C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE” /P26 “EPSON Stylus DX3800 Series” /O6 “USB001” /M “Stylus DX3800”
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [NvMediaCenter] “RUNDLL32.EXE” C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [XboxStat] “c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe” silentrun
O4 - HKLM…\Run: [DXM6Patch_9904] “C:\WINDOWS\p_9904.exe” /Q:A
O4 - HKLM…\Run: [NeroFilterCheck] “C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe”
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [Creative WebCam Tray] “C:\Program Files\Creative\Shared Files\CAMTRAY.EXE”
O4 - HKLM…\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM…\RunOnce: [SpybotDeletingA2817] command /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKLM…\RunOnce: [SpybotDeletingC5057] cmd /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKCU…\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [wininfo] C:\WINDOWS\system32\tavgbqdw.exe
O4 - HKCU…\Run: [Sony Ericsson PC Suite] “C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe” /systray /nologon
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [smartdbchk] C:\WINDOWS\system32\kxcpctcx.exe
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU…\RunOnce: [SpybotDeletingB7294] command /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKCU…\RunOnce: [SpybotDeletingD2356] cmd /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - appldnld.apple.com.edgesuite.net…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com…
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - www.gamenext.fr…
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - support.f-secure.com…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - www.gamenext.fr…
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - dlm.tools.akamai.com…
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS
O23 - Service: Avira AntiVir Personal ? Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal ? Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe


End of file - 9825 bytes


Report with HijackThis in safe mode
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:19:35, on 20/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {96EA7110-C0E2-44BF-94B1-03133A29521C} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM…\Run: [NvCplDaemon] “RUNDLL32.EXE” C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] “nwiz.exe” /install
O4 - HKLM…\Run: [SkyTel] SkyTel.EXE
O4 - HKLM…\Run: [EPSON Stylus DX3800 Series] “C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE” /P26 “EPSON Stylus DX3800 Series” /O6 “USB001” /M “Stylus DX3800”
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [NvMediaCenter] “RUNDLL32.EXE” C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [XboxStat] “c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe” silentrun
O4 - HKLM…\Run: [DXM6Patch_9904] “C:\WINDOWS\p_9904.exe” /Q:A
O4 - HKLM…\Run: [NeroFilterCheck] “C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe”
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” /min
O4 - HKLM…\Run: [Creative WebCam Tray] “C:\Program Files\Creative\Shared Files\CAMTRAY.EXE”
O4 - HKLM…\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM…\RunOnce: [SpybotDeletingA2817] command /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKLM…\RunOnce: [SpybotDeletingC5057] cmd /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKCU…\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [wininfo] C:\WINDOWS\system32\tavgbqdw.exe
O4 - HKCU…\Run: [Sony Ericsson PC Suite] “C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe” /systray /nologon
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [smartdbchk] C:\WINDOWS\system32\kxcpctcx.exe
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU…\RunOnce: [SpybotDeletingB7294] command /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKCU…\RunOnce: [SpybotDeletingD2356] cmd /c del “C:\WINDOWS\SchedLgU.Txt”
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - appldnld.apple.com.edgesuite.net…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com…
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - www.gamenext.fr…
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - support.f-secure.com…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - www.gamenext.fr…
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - dlm.tools.akamai.com…
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS
O23 - Service: Avira AntiVir Personal ? Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal ? Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe


End of file - 8837 bytes
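
Added example, not part of the thread: a Python sketch that compares the persistence entries of two HijackThis logs, to show which of the entries the helper asked to fix are still present after the cleanup attempts. The two excerpts are abridged from the 16/08 and 20/08 logs above; the function names and the `WATCH` list are assumptions of this example.

```python
import re

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")            # "O4 - <body>"
RUN_RE = re.compile(r"^([^:\[]+):\s*\[([^\]]+)\]\s*(.*)$")   # "<key>: [name] command"
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
DANGLING_RE = re.compile(r"\s*\((?:file missing|no file)\)\s*$")


def identity(code, body):
    """Stable key for an entry, so the same item matches across two scans."""
    run = RUN_RE.match(body) if code == "O4" else None
    if run:
        # The forum rendering turned "\.." into an ellipsis; accept both forms.
        loc = run.group(1).strip().replace("\u2026", "\\..").lower()
        return (code, "run:" + loc, run.group(2).lower())
    clsid = CLSID_RE.search(body)
    if clsid:
        # BHOs, toolbars, DPF objects: the CLSID stays the same even when the
        # file annotation changes from "(file missing)" to "(no file)".
        kind = body.split(":", 1)[0].strip().lower()
        return (code, kind, clsid.group(0).upper())
    return (code, "", DANGLING_RE.sub("", body).strip().lower())


def parse(log_text):
    """Return {identity: body} for every 'Rn - ...' / 'On - ...' line."""
    entries = {}
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:  # headers, the process list and blank lines are skipped
            entries[identity(m.group(1), m.group(2))] = m.group(2)
    return entries


def compare(before_text, after_text):
    """Classify entries as removed, persisted or added between two scans."""
    before, after = parse(before_text), parse(after_text)
    return {
        "removed": sorted(set(before) - set(after)),
        "persisted": sorted(set(before) & set(after)),
        "added": sorted(set(after) - set(before)),
    }


def run_names(keys, watch=None):
    """Names of O4 Run values among keys, optionally limited to a watch list."""
    names = {k[2] for k in keys if k[0] == "O4" and k[1].startswith("run:")}
    if watch is not None:
        names &= {w.lower() for w in watch}
    return sorted(names)


def dangling(log_text):
    """Entries whose target file no longer exists (orphaned registry data)."""
    return [b for b in parse(log_text).values() if DANGLING_RE.search(b)]


# Run value names taken from the helper's list of lines to fix.
WATCH = ["lphcpbvj0erfl", "SMrhctbvj0erfl", "smartdbchk", "wininfo",
         "DXM6Patch_9904", "XIjbUSWwQs"]

# Abridged excerpt of the 16/08/2008 log.
FIRST_LOG = r"""
O2 - BHO: (no name) - {96EA7110-C0E2-44BF-94B1-03133A29521C} - C:\WINDOWS\system32\yayxyxyY.dll (file missing)
O2 - BHO: (no name) - {F1A97355-EA48-4031-8ADC-BBBF444E4958} - C:\WINDOWS\system32\urqNDVml.dll (file missing)
O4 - HKLM…\Run: [DXM6Patch_9904] “C:\WINDOWS\p_9904.exe” /Q:A
O4 - HKLM…\Run: [lphcpbvj0erfl] C:\WINDOWS\system32\lphcpbvj0erfl.exe
O4 - HKLM…\Run: [SMrhctbvj0erfl] C:\Program Files\rhctbvj0erfl\rhctbvj0erfl.exe
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [smartdbchk] C:\WINDOWS\system32\kxcpctcx.exe
O4 - HKCU…\Run: [wininfo] C:\WINDOWS\system32\tavgbqdw.exe
O4 - HKLM…\Policies\Explorer\Run: [XIjbUSWwQs] C:\Documents and Settings\All Users\Application Data\idqhmfal\yzefmxur.exe
O20 - Winlogon Notify: yayxyxyY - yayxyxyY.dll (file missing)
"""

# Abridged excerpt of the 20/08/2008 log (normal boot).
SECOND_LOG = r"""
O2 - BHO: (no name) - {96EA7110-C0E2-44BF-94B1-03133A29521C} - (no file)
O4 - HKLM…\Run: [DXM6Patch_9904] “C:\WINDOWS\p_9904.exe” /Q:A
O4 - HKLM…\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [wininfo] C:\WINDOWS\system32\tavgbqdw.exe
O4 - HKCU…\Run: [smartdbchk] C:\WINDOWS\system32\kxcpctcx.exe
O4 - HKCU…\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS
"""

if __name__ == "__main__":
    diff = compare(FIRST_LOG, SECOND_LOG)
    print("watched Run values still present:", run_names(diff["persisted"], WATCH))
    print("watched Run values gone:         ", run_names(diff["removed"], WATCH))
    print("new Run values since first scan: ", run_names(diff["added"]))
    print("orphaned entries in second scan: ", dangling(SECOND_LOG))
```

A watched Run value that persists between scans means the registry entry was never fixed or something re-created it, which matches the poster's report that the message keeps coming back.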

Use ComboFix

O4 - HKCU…\Run: [wininfo] C:\WINDOWS\system32\tavgbqdw.exe
O4 - HKCU…\Run: [smartdbchk] C:\WINDOWS\system32\kxcpctcx.exe
O4 - HKLM…\Run: [DXM6Patch_9904] “C:\WINDOWS\p_9904.exe” /Q:A

Upload these files to VirusTotal and paste the report

Hi
O2 - BHO: (no name) - {96EA7110-C0E2-44BF-94B1-03133A29521C} - (no file)
O4 - Startup: PowerReg Scheduler.exe
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - dlm.tools.akamai.com

???,!!!

:hello:

Thanks, I just removed what you told me, it works

The message still keeps coming back
Edited on 20/08/2008 at 22:49

Here is the ComboFix report

ComboFix 08-08-19.03 - admin 2008-08-20 22:51:05.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.710 [GMT 2:00]
Endroit: C:\Documents and Settings\admin\Bureau\pilo\ComboFix.exe

  • Création d’un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N’EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\actskn43.ocx
C:\WINDOWS\system32\lmVDNqru.ini
C:\WINDOWS\system32\lmVDNqru.ini2
C:\WINDOWS\system32\xyyccpwp.ini

.
((((((((((((((((((((((((((((( Fichiers cr??s 2008-07-20 to 2008-08-20 ))))))))))))))))))))))))))))))))))))
.

2008-08-18 23:31 . 1999-12-17 08:13 86,016 --a------ C:\WINDOWS\unvise32.exe
2008-08-18 19:36 . 2008-08-18 19:36 d-------- C:\Program Files\Fisher-Price
2008-08-18 19:25 . 2008-08-18 19:26 d-------- C:\Program Files\Malwarebytes’ Anti-Malware
2008-08-18 19:25 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-18 19:25 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-18 11:39 . 2008-08-18 11:39 250 --a------ C:\WINDOWS\gmer.ini
2008-08-17 15:03 . 2008-08-19 20:53 d-------- C:\Program Files\Trojan Remover
2008-08-17 15:03 . 2008-08-17 15:03 d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-08-17 15:03 . 2008-08-17 15:03 d-------- C:\Documents and Settings\admin\Application Data\Simply Super Software
2008-08-17 14:50 . 2008-08-20 18:31 317 --a------ C:\WINDOWS\wininit.ini
2008-08-17 13:15 . 2006-05-25 14:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-08-17 13:15 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-08-17 13:15 . 2005-08-26 00:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-08-17 13:15 . 2006-06-19 12:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-08-17 12:26 . 2008-08-20 18:04 d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-16 18:10 . 2008-08-16 18:10 d-------- C:\Documents and Settings\LocalService\Mes documents
2008-08-16 17:36 . 2001-07-28 13:50 265,753 --a------ C:\WINDOWS\system32\AS-Exp2.ocx
2008-08-16 17:36 . 2001-04-20 02:28 28,672 --a------ C:\WINDOWS\system32\systray.ocx
2008-08-16 17:15 . 2004-03-08 23:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
2008-08-16 17:15 . 2001-03-28 22:02 89,088 --a------ C:\WINDOWS\system32\ProgressBar4.ocx
2008-08-16 17:03 . 2007-06-11 22:04 2,267,368 --a------ C:\WINDOWS\system32\Flash.ocx
2008-08-16 17:03 . 2003-11-19 14:59 512,688 --a------ C:\WINDOWS\system32\XceedCry.dll
2008-08-16 17:03 . 2004-05-11 10:56 423,784 --a------ C:\WINDOWS\system32\XceedBkp.dll
2008-08-16 17:03 . 2004-01-09 11:54 188,416 --a------ C:\WINDOWS\system32\actsplash.ocx
2008-08-16 17:03 . 2000-07-15 06:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2008-08-16 17:03 . 1999-01-26 20:36 11,012 --a------ C:\WINDOWS\system32\threadapi.tlb
2008-08-16 14:03 . 2008-08-20 15:21 d-------- C:\Program Files\SUPERAntiSpyware
2008-08-16 14:03 . 2008-08-16 14:03 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-08-16 14:03 . 2008-08-20 15:21 d-------- C:\Documents and Settings\admin\Application Data\SUPERAntiSpyware.com
2008-08-16 11:31 . 2008-08-16 11:31 164 --a------ C:\install.dat
2008-08-15 21:49 . 2008-08-15 21:49 d-------- C:\Program Files\Avira
2008-08-15 21:49 . 2008-08-15 21:49 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-08-15 21:43 . 2008-08-15 21:46 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-15 21:29 . 2008-08-16 17:41 d-------- C:\WINDOWS\BDOSCAN8
2008-08-15 20:42 . 2008-08-15 20:42 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-08-15 19:02 . 2008-08-15 19:02 77,824 --a------ C:\WINDOWS\system32\tavgbqdw.exe
2008-08-15 16:27 . 2008-08-15 16:27 d-------- C:\Program Files\Trend Micro
2008-08-15 16:26 . 2008-08-15 16:26 d-------- C:\Program Files\Navilog1
2008-08-15 16:25 . 2008-08-15 16:25 d-------- C:\Documents and Settings\admin\Application Data\Malwarebytes
2008-08-15 16:24 . 2008-08-15 16:24 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-15 12:38 . 2007-08-17 20:12 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-08-15 12:38 . 2007-08-17 20:12 d--h----- C:\Documents and Settings\Administrateur\Voisinage d’impression
2008-08-15 12:38 . 2007-08-17 20:02 d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-08-15 12:38 . 2007-08-17 20:12 d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-08-15 12:38 . 2007-08-17 20:12 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-08-15 12:38 . 2007-08-17 20:12 d-------- C:\Documents and Settings\Administrateur\Favoris
2008-08-15 12:38 . 2008-08-15 20:42 d-------- C:\Documents and Settings\Administrateur\Bureau
2008-08-15 12:38 . 2008-08-15 23:04 d-------- C:\Documents and Settings\Administrateur
2008-08-15 12:26 . 2008-08-15 23:07 d-------- C:\Documents and Settings\All Users\Application Data\idqhmfal
2008-08-15 10:24 . 2008-08-15 10:24 196,988 --a------ C:\Program Files\Fichiers communs\2.reg
2008-08-13 22:19 . 2008-05-01 16:36 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-13 22:13 . 2008-04-11 21:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-13 15:54 . 2008-08-13 15:54 d-------- C:\Program Files\SEGA
2008-08-13 14:13 . 2008-08-13 14:13 d-------- C:\Program Files\Windows Media Connect 2
2008-08-13 14:11 . 2008-08-13 14:12 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-08-13 14:10 . 2008-08-13 14:11 d-------- C:[u]0[/u]9f569775ff8eb71efac
2008-08-13 12:19 . 2008-08-13 15:37 177,676 --a------ C:\Program Files\Fichiers communs\tanik.reg
2008-08-10 10:46 . 2008-08-10 23:53 d-------- C:\Program Files\DAEMON Tools Lite
2008-08-10 10:43 . 2008-08-10 10:54 d-------- C:\Program Files\Simulateur de conduite 3D
2008-08-07 16:11 . 2008-08-07 16:11 dr-h----- C:\Documents and Settings\admin\Application Data\SecuROM
2008-08-07 16:11 . 2008-08-13 16:07 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-08-07 16:03 . 2008-08-07 16:03 d-------- C:\Documents and Settings\admin\Application Data\gnupg
2008-08-06 19:35 . 721,465,344 C:\Space_Adventure_COBRA-The_Film-French-[1995]~[¸1982].avi
2008-08-03 22:17 . 2008-08-03 22:17 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-08-03 11:55 . 2008-08-04 23:23 d-------- C:\Program Files\Avanquest update
2008-08-03 11:55 . 2008-08-03 11:55 d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-08-03 11:55 . 2007-12-10 15:22 110,120 --a------ C:\WINDOWS\system32\drivers\s3017unic.sys
2008-08-03 11:55 . 2007-12-10 15:22 104,616 --a------ C:\WINDOWS\system32\drivers\s3017mgmt.sys
2008-08-03 11:55 . 2007-12-10 15:22 25,512 --a------ C:\WINDOWS\system32\drivers\s3017nd5.sys
2008-08-03 11:55 . 2007-12-10 15:22 10,792 --a------ C:\WINDOWS\system32\drivers\s3017cr.sys
2008-08-03 11:54 . 2008-08-03 11:54 d-------- C:\Program Files\Sony Ericsson
2008-08-03 11:54 . 2008-08-03 11:54 d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-08-03 11:54 . 2008-08-03 11:54 d-------- C:\Documents and Settings\admin\Application Data\InstallShield
2008-08-03 11:52 . 2007-12-10 15:22 100,648 -ra------ C:\WINDOWS\system32\drivers\s3017obex.sys
2008-08-01 13:39 . 2001-08-23 17:47 99,840 --a------ C:\WINDOWS\system32\srusd.dll
2008-08-01 13:39 . 2001-08-23 17:47 99,840 --a--c--- C:\WINDOWS\system32\dllcache\srusd.dll
2008-08-01 13:39 . 2001-08-23 17:47 72,192 --a------ C:\WINDOWS\system32\fnfilter.dll
2008-08-01 13:39 . 2001-08-23 17:47 72,192 --a--c--- C:\WINDOWS\system32\dllcache\fnfilter.dll
2008-08-01 13:39 . 2001-08-23 17:20 6,912 --a------ C:\WINDOWS\system32\drivers\serscan.sys
2008-08-01 13:39 . 2001-08-23 17:20 6,912 --a--c--- C:\WINDOWS\system32\dllcache\serscan.sys
2008-08-01 12:41 . 2005-09-15 12:15 860,160 -ra------ C:\WINDOWS\system32\mcs_dec2.ax
2008-08-01 12:41 . 2005-08-22 13:11 700,416 -ra------ C:\WINDOWS\system32\mcs_cor1.dll
2008-08-01 12:41 . 2005-09-15 10:16 249,856 -ra------ C:\WINDOWS\system32\mcs_cor2.dll
2008-08-01 12:41 . 2005-08-22 13:12 147,456 -ra------ C:\WINDOWS\system32\mcs_vfw.dll
2008-08-01 12:41 . 2005-08-22 13:13 4,385 -ra------ C:\WINDOWS\system32\install.inf
2008-08-01 12:36 . 2005-06-21 01:08 58,880 -ra------ C:\WINDOWS\system32\drivers\CamAv.sys
2008-08-01 12:36 . 2005-07-20 02:23 11,648 -ra------ C:\WINDOWS\system32\drivers\CamFlt.sys
2008-08-01 12:30 . 2008-08-01 12:30 d-------- C:\Program Files\Fichiers communs\Ulead Systems
2008-08-01 12:24 . 2008-08-01 13:46 d-------- C:\WINDOWS\system32\NtmsData
2008-08-01 12:23 . 1998-11-18 16:33 144,384 --a------ C:\WINDOWS\system32\Iacenc.dll
2008-08-01 12:23 . 1997-06-13 08:56 56,832 --a------ C:\WINDOWS\system32\Iyvu9_32.dll
2008-07-31 15:39 . 2008-07-31 15:39 30,144 --a------ C:\Documents and Settings\admin\Application Data\GDIPFONTCACHEV1.DAT
2008-07-28 17:51 . 2008-08-11 17:43 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-28 17:51 . 2008-07-28 17:51 22,328 --a------ C:\Documents and Settings\admin\Application Data\PnkBstrK.sys
2008-07-28 17:50 . 2008-08-13 14:11 d-------- C:\WINDOWS\system32\LogFiles
2008-07-28 17:50 . 2008-08-11 17:42 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-07-28 17:50 . 2008-07-28 19:26 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-07-28 17:50 . 2008-07-28 17:50 319 --a------ C:\WINDOWS\game.ini
2008-07-28 17:42 . 2008-07-28 17:42 d-------- C:\Program Files\Activision
2008-07-28 16:09 . 2008-07-28 16:09 d-------- C:\Program Files\Microprose
2008-07-25 15:14 . 2008-07-25 15:14 d-------- C:\Program Files\Casse-Briques
2008-07-25 14:39 . 2008-07-29 21:20 336 --a------ C:\WINDOWS\INSECTE.JEU
2008-07-24 15:32 . 2008-07-24 15:32 1,137,769 --a------ C:\GTB.cab
2008-07-23 19:09 . 1998-09-02 10:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2008-07-23 19:09 . 1998-08-27 06:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2008-07-23 19:09 . 1998-08-20 13:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
2008-07-23 19:09 . 1998-09-02 10:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2008-07-23 19:09 . 1998-09-02 10:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2008-07-23 19:09 . 1998-08-17 11:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
2008-07-23 19:09 . 1998-08-17 11:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2008-07-23 19:09 . 1998-08-17 11:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
2008-07-20 11:06 . 2008-07-20 11:06 d-------- C:\Program Files\Microsoft Xbox 360 Accessories
2008-07-20 11:06 . 2007-02-26 18:15 1,421,216 --a------ C:\WINDOWS\system32\WdfCoInstaller01001.dll
2008-07-20 11:06 . 2007-02-26 18:15 61,984 --a------ C:\WINDOWS\system32\drivers\xusb21.sys
2008-07-20 11:06 . 2008-07-20 11:06 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf
2008-07-20 11:06 . 2008-07-20 11:06 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb21_01001.Wdf

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-20 20:50 --------- d-----w C:\Documents and Settings\admin\Application Data\Azureus
2008-08-20 16:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-19 18:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-16 15:03 --------- d-----w C:\Program Files\Lavasoft
2008-08-16 14:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-15 18:03 --------- d-----w C:\Program Files\SuperCopier2
2008-08-15 12:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\GamesBar
2008-08-13 12:39 --------- d-----w C:\Program Files\L’Amerzone
2008-08-10 08:46 --------- d-----w C:\Program Files\DAEMON Tools Toolbar
2008-08-01 11:29 --------- d-----w C:\Program Files\Ulead Systems
2008-08-01 10:42 --------- d-----w C:\Program Files\Creative
2008-08-01 10:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-08-01 10:23 --------- d-----w C:\Program Files\Intel
2008-07-30 10:17 --------- d-----w C:\Program Files\Azureus
2008-07-22 11:54 --------- d-----w C:\Program Files\AskTBar
2008-07-21 17:10 --------- d-----w C:\Program Files\Papyrus
2008-07-19 21:44 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-07-19 21:44 --------- d-----w C:\Documents and Settings\admin\Application Data\DAEMON Tools
2008-07-19 10:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Codemasters
2008-07-18 19:20 --------- d-----w C:\Program Files\MSN Messenger
2008-07-18 18:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-07-18 12:17 --------- d-----w C:\Program Files\Google
2008-07-18 12:01 --------- d-----w C:\Program Files\Java
2008-07-17 17:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-07-17 16:52 --------- d-----w C:\Program Files\MSECache
2008-07-17 12:08 --------- d-----w C:\Documents and Settings\admin\Application Data\Balloon Express
2008-07-11 10:57 --------- d-----w C:\Program Files\Common Files
2008-07-04 15:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ludia
2008-07-04 15:57 --------- d-----w C:\Documents and Settings\admin\Application Data\Ludia
2008-06-30 19:50 --------- d-----w C:\Program Files\Gamenext
2008-06-25 08:01 --------- d-----w C:\Program Files\Red Orb
2008-06-24 18:35 --------- d-----w C:\Documents and Settings\admin\Application Data\MysteryStudio
2008-06-20 18:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\MythPeople
2008-06-20 18:00 --------- d-----w C:\Program Files\Zylom Games
2008-06-20 15:20 --------- d-----w C:\Program Files\Core Design
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-03-09 05:25 236 ----a-w C:\Program Files\Fichiers communs\dx.reg
2008-02-27 15:12 0 ----a-w C:\Program Files\temp01
1998-08-24 10:09 10,000 ----a-w C:\WINDOWS\inf\unregpn.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe” [2007-06-27 19:03 152872]
“MsnMsgr”=“C:\Program Files\MSN Messenger\MsnMsgr.Exe” [2007-01-19 12:55 5674352]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2008-04-14 04:33 15360]
“wininfo”=“C:\WINDOWS\system32\tavgbqdw.exe” [2008-08-15 19:02 77824]
“Sony Ericsson PC Suite”=“C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe” [2008-02-20 17:19 360448]
“DAEMON Tools Lite”=“C:\Program Files\DAEMON Tools Lite\daemon.exe” [2008-07-24 17:02 490952]
“SpybotSD TeaTimer”=“C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe” [2008-08-18 18:41 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2008-05-16 14:01 13529088]
“EPSON Stylus DX3800 Series”=“C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE” [2005-02-08 06:00 98304]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe” [2008-06-10 04:27 144784]
“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2008-01-11 22:16 39792]
“NvMediaCenter”=“C:\WINDOWS\system32\NvMcTray.dll” [2008-05-16 14:01 86016]
“XboxStat”=“c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe” [2007-09-26 18:05 734264]
“DXM6Patch_9904”=“C:\WINDOWS\p_9904.exe” [1999-07-27 17:42 946448]
“NeroFilterCheck”=“C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe” [2007-03-01 15:57 153136]
“avgnt”=“C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe” [2008-08-18 19:26 266497]
“Creative WebCam Tray”=“C:\Program Files\Creative\Shared Files\CAMTRAY.EXE” [2004-07-30 11:04 245760]
“TrojanScanner”=“C:\Program Files\Trojan Remover\Trjscan.exe” [2008-08-17 15:24 909904]
“nwiz”=“nwiz.exe” [2008-05-16 14:01 1630208 C:\WINDOWS\system32\nwiz.exe]
“SkyTel”=“SkyTel.EXE” [2007-04-13 09:36 1822720 C:\WINDOWS\SkyTel.exe]
“RTHDCPL”=“RTHDCPL.EXE” [2007-04-12 11:33 16132608 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2008-04-14 04:33 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“vidc.ffds”= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
“vidc.wmv3”= C:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll
“VIDC.ACDV”= ACDV.dll
“VIDC.VDOM”= vdowave.drv
“msacm.dvacm”= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
“vidc.SEDG”= mcs_vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
“O&O Defrag”=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
“AntiVirusDisableNotify”=dword:00000001
“UpdatesDisableNotify”=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“C:\WINDOWS\system32\dpvsetup.exe”=
“C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe”=
“C:\Program Files\MSN Messenger\msnmsgr.exe”=
“C:\Program Files\MSN Messenger\livecall.exe”=
“C:\WINDOWS\system32\PnkBstrA.exe”=
“C:\WINDOWS\system32\PnkBstrB.exe”=
“C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe”=
“C:\Program Files\SEGA\Beijing 2008\Beijing.exe”=
“C:\Program Files\Azureus\Azureus.exe”=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“1276:UDP”= 1276:UDP:Windows Media Format SDK (wmplayer.exe)
“1277:UDP”= 1277:UDP:Windows Media Format SDK (wmplayer.exe)

S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 15:22]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15:22]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 15:22]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 15:22]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);C:\WINDOWS\system32\DRIVERS\s3017nd5.sys [2007-12-10 15:22]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 15:22]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 15:22]
.
Contenu du dossier ‘Scheduled Tasks/Tâches planifiées’

2008-03-12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

  • C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]
    .
        • ORPHANS REMOVED - - - -

BHO-{96EA7110-C0E2-44BF-94B1-03133A29521C} - (no file)
HKCU-Run-smartdbchk - C:\WINDOWS\system32\kxcpctcx.exe
HKCU-Run-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU-Run-SUPERAntiSpyware - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Notify-!SASWinLogon - (no file)

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = www.google.fr…
R0 -: HKCU-Main,SearchMigratedDefaultURL = search.live.com…
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - www.bitdefender.fr…
C:\WINDOWS\Downloaded Program Files\oscan8.inf
C:\WINDOWS\bdoscandellang.ini
C:\WINDOWS\bdoscandel.exe
C:\WINDOWS\Downloaded Program Files\live.ini
C:\WINDOWS\Downloaded Program Files\scanoptions.tsi
C:\WINDOWS\Downloaded Program Files\lang.ini
C:\WINDOWS\Downloaded Program Files\ipsupd.dll
C:\WINDOWS\Downloaded Program Files\bdupd.dll
C:\WINDOWS\Downloaded Program Files\libfn.dll
C:\WINDOWS\Downloaded Program Files\bdcore.dll
C:\WINDOWS\Downloaded Program Files\oscan8.ocx

O16 -: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} - www.gamenext.fr…
C:\WINDOWS\Downloaded Program Files\SpinTopGamesLauncher.inf
C:\WINDOWS\Downloaded Program Files\SpinTopGamesLauncher.dll

O16 -: {E1342154-4889-42B5-BEF6-19237577048F} - www.gamenext.fr…
C:\WINDOWS\Downloaded Program Files\Oberongamesloader.inf
C:\WINDOWS\Downloaded Program Files\Oberongamesloader.dll
.


catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2008-08-20 22:55:32
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cachés …

Balayage caché autostart entries …

Balayage des fichiers cachés …

Scan terminé avec succès
Les fichiers cachés: 0


.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
.


.
Temps d’accomplissement: 2008-08-20 23:00:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-20 21:00:43

Pre-Run: 129,084,649,472 octets libres
Post-Run: 129,104,891,904 octets libres

306 --- E O F --- 2008-08-14 21:11:27

Upload these files to VirusTotal and post the report; meanwhile I'm going to start writing a disinfection script :wink: (sorry, there are a lot of them)

Edit: here is the link
Edited on 21/08/2008 at 20:13

OK, thanks, that's cool. I hope it will work; this message is getting tiresome. Thanks.


That's cool, thanks. I hope it will work; this message is starting to get on my nerves. Thanks.

Thanks, I'm waiting to hear from you.

You haven't done this: www.clubic.com…