Problems, problems, problems... fed up with viruses!

Please, I would like an answer fairly quickly :confused: it has been 2 days now that I have had no antivirus

Regards

Wazazuzu

With the Avira link, take this one

Download the French installation kit
Avira AntiVir Personal - FREE Antivirus, Version 9
date: 2009-09-08, version: 9.0.0.67
Md5: 5f57c07e8dec0fb93a612f708b71031e

==>http://i37.tinypic.com/2rzwf1l.png

Do steps 1 to 6 as described, and you should now try to run Winsockxpfix + ComboFix as described on page 2

And to display the contents of Program Files and My Computer?

Another problem :confused:

It (Windows) tells me that my antivirus, so AntiVir, is out of date. What should I do?
Edited on 28/10/2009 at 21:37

Restart ==> right-click the icon at the bottom in the taskbar ==> start the update

Otherwise, a ComboFix problem: I launch it and it shows me this, what do I do?

http://img502.imageshack.us/img502/3337/combofix.png

Thanks for your answer

Click on "No"

Here is the ComboFix report:

ComboFix 09-10-23.01 - nathan 28/10/2009 22:14.1.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1611 [GMT 1:00]
Lancé depuis: c:\documents and settings\nathan\Bureau\Wazazuzu.com
AV: AntiVir Desktop On-access scanning disabled (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N’EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\nathan\Mes documents\cc_20091027_121656.reg
c:\documents and settings\nathan\Mes documents\cc_20091027_161616.reg
c:\documents and settings\nathan\Mes documents\cc_20091027_182105.reg
c:\documents and settings\nathan\Mes documents\cc_20091027_205223.reg
c:\documents and settings\nathan\Mes documents\cc_20091028_100215.reg
c:\program files\BigSeekPro Toolbar\tbHElper.dll
c:\windows\system32\10836840.dll
c:\windows\system32\3703318.dll
c:\windows\system32\7965948.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_OREANS32
-------\Service_oreans32

((((((((((((((((((((((((((((( Fichiers créés du 2009-09-28 au 2009-10-28 ))))))))))))))))))))))))))))))))))))
.

2009-10-28 20:32 . 2009-03-30 09:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-10-28 20:32 . 2009-02-13 11:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-10-28 20:32 . 2009-07-28 15:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-10-28 20:32 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-10-28 20:32 . 2009-10-28 20:32 -------- d-----w- c:\program files\Avira
2009-10-28 20:32 . 2009-10-28 20:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-10-27 17:29 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-27 17:29 . 2009-10-27 17:29 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-10-27 17:29 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-27 11:08 . 2009-10-27 11:10 235848 ----a-w- C:\BdUninstallTool2009.10.27-12.08.43.reg
2009-10-27 08:08 . 2009-10-27 08:08 -------- d-----w- c:\program files\CCleaner
2009-10-26 19:00 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\319b3cbc.dll
2009-10-24 09:28 . 2009-10-24 09:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Toolbar4
2009-10-24 09:28 . 2009-10-28 21:18 -------- d-----w- c:\program files\BigSeekPro Toolbar
2009-10-24 09:28 . 2009-10-24 09:28 -------- d-----w- c:\program files\HyCam2
2009-10-24 08:14 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\24c87be.dll
2009-10-24 08:14 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1b62e530.dll
2009-10-23 14:54 . 2009-10-27 14:14 -------- d-----w- c:\documents and settings\nathan\Application Data\gtk-2.0
2009-10-23 14:54 . 2009-10-23 14:54 -------- d-----w- c:\documents and settings\nathan.thumbnails
2009-10-23 13:54 . 2009-10-27 14:59 -------- d-----w- c:\documents and settings\nathan.gimp-2.6
2009-10-23 13:54 . 2009-10-23 13:54 -------- d-----w- c:\program files\GIMP-2.0
2009-10-23 09:15 . 2009-10-23 09:16 -------- d-----w- C:\rsit
2009-10-21 13:11 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\23766a8.dll
2009-10-20 15:54 . 2009-10-20 15:54 -------- d-----w- c:\documents and settings\nathan\Application Data\Malwarebytes
2009-10-20 15:54 . 2009-10-20 15:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-20 11:50 . 2009-10-20 11:50 -------- d-----w- c:\windows\system32\wbem\Repository
2009-10-19 18:32 . 2009-10-27 19:05 -------- d-----w- c:\documents and settings\nathan\Application Data\Cool Record Edit Pro
2009-10-19 18:27 . 2009-10-19 18:27 -------- d-sh–w- c:\documents and settings\LocalService\IETldCache
2009-10-19 18:25 . 2009-10-19 18:25 -------- d-----w- c:\documents and settings\nathan\Application Data\Free Sound Recorder
2009-10-19 18:23 . 2005-05-18 09:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-10-19 18:23 . 2005-05-17 10:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2009-10-19 18:23 . 2005-04-25 11:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2009-10-19 18:23 . 2005-04-25 11:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-10-19 18:23 . 2005-04-15 10:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-10-19 18:23 . 2005-04-04 15:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-10-19 18:23 . 2005-03-28 13:54 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2009-10-19 18:23 . 2005-03-28 13:52 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll
2009-10-19 18:23 . 2005-02-24 09:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-10-19 18:23 . 2004-11-04 11:31 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2009-10-19 18:23 . 2009-10-19 18:23 -------- d-----w- c:\program files\Free Sound Recorder
2009-10-19 18:11 . 2009-10-19 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\River Past G5
2009-10-19 18:11 . 2009-10-19 18:11 -------- d-----w- c:\program files\River Past
2009-10-19 18:11 . 2009-10-19 18:11 -------- d-----w- c:\documents and settings\nathan\Application Data\River Past G5
2009-10-18 19:41 . 2009-10-18 19:42 -------- d-----w- C:\RAM Cheat
2009-10-18 19:39 . 2009-10-19 18:22 -------- d-----w- c:\program files\Nouvelle Cible Studio
2009-10-18 11:00 . 2009-10-18 11:01 -------- d-----w- c:\program files\AC Tool
2009-10-17 12:17 . 2009-10-17 12:22 -------- d-----w- c:\documents and settings\nathan\Application Data\Audacity
2009-10-15 20:51 . 2009-10-15 21:26 -------- d-----w- c:\program files\sks32
2009-10-15 09:30 . 2009-10-15 09:43 -------- d-----w- c:\documents and settings\nathan\Local Settings\Application Data\Temporary Projects
2009-10-14 19:15 . 2009-10-14 19:15 -------- d-sh–w- c:\documents and settings\nathan\PrivacIE
2009-10-14 18:46 . 2009-10-14 18:46 -------- d-sh–w- c:\documents and settings\NetworkService\IETldCache
2009-10-14 18:46 . 2009-10-14 18:46 -------- d-sh–w- c:\documents and settings\nathan\IETldCache
2009-10-14 18:22 . 2009-08-29 07:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-10-14 18:22 . 2009-08-29 07:56 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-10-14 18:22 . 2009-08-29 07:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-10-14 18:22 . 2009-08-29 07:56 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-10-14 18:22 . 2009-08-29 07:56 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-10-14 18:22 . 2009-08-29 07:56 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-10-14 18:22 . 2009-10-14 18:22 -------- d-----w- c:\windows\ie8updates
2009-10-14 18:22 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-10-14 18:19 . 2009-10-14 18:20 -------- dc-h–w- c:\windows\ie8
2009-10-14 12:33 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\41e898c.dll
2009-10-14 12:33 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\21b1f2c.dll
2009-10-14 10:01 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\2c34fbdc.dll
2009-10-14 10:01 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1ccfd7.dll
2009-10-13 20:35 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\db0d71b.dll
2009-10-13 20:35 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\11cd07a0.dll
2009-10-13 20:05 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\e3bc5d8.dll
2009-10-13 20:05 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\3c44bbd.dll
2009-10-13 19:40 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\e68fda4.dll
2009-10-13 19:40 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\24b1eeae.dll
2009-10-13 17:13 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\bd26c4.dll
2009-10-13 17:13 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\52c481e.dll
2009-10-13 16:55 . 2009-10-13 16:55 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys
2009-10-13 11:48 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1d5e5b34.dll
2009-10-13 11:41 . 2009-10-13 11:41 -------- d-----w- c:\program files\Axon Data
2009-10-13 09:51 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\81f7f86.dll
2009-10-13 09:51 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\2b068d0.dll
2009-10-13 09:44 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\20067df.dll
2009-10-13 09:44 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1c82b7c6.dll
2009-10-12 20:44 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\cd47d7e.dll
2009-10-12 20:44 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\21e71f6.dll
2009-10-12 20:43 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1eae2acc.dll
2009-10-12 20:43 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\114ddc9c.dll
2009-10-12 18:42 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\dede378.dll
2009-10-12 18:42 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\74c9a8.dll
2009-10-12 16:33 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\31449aa9.dll
2009-10-12 16:33 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1f15fc92.dll
2009-10-12 15:22 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\30bc5680.dll
2009-10-12 15:22 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1865311e.dll
2009-10-12 14:40 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\ed2f31.dll
2009-10-12 14:40 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\100020a2.dll
2009-10-12 14:35 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\29f0db2e.dll
2009-10-12 12:26 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\32aef38.dll
2009-10-12 11:07 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\863f026.dll
2009-10-12 11:07 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\1b7ab94.dll
2009-10-12 10:42 . 2008-04-13 17:33 82432 —h-tw- c:\windows\system32\c04b3e6.dll
2009-10-11 20:35 . 2009-10-11 20:35 -------- d-----w- c:\documents and settings\nathan\Application Data\DofusOnline.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
2009-10-11 20:05 . 2009-10-11 20:05 -------- d-----w- c:\program files\Dofus 2 Online
2009-10-11 20:05 . 2009-10-11 20:05 -------- d-----w- c:\program files\Fichiers communs\Adobe AIR
2009-10-09 17:33 . 2009-10-20 16:22 -------- d-----w- c:\program files\iTALC
2009-10-09 17:32 . 2009-10-09 18:01 -------- d-----w- c:\documents and settings\nathan\Application Data\iTALC
2009-10-07 14:03 . 2009-10-07 14:03 -------- d-----w- c:\program files\Fichiers communs\Merge Modules
2009-10-07 07:22 . 2009-10-07 07:22 -------- d-----w- c:\documents and settings\nathan\Local Settings\Application Data\assembly
2009-10-07 07:09 . 2009-10-07 07:09 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-07 07:09 . 2009-10-08 21:36 -------- d-----w- c:\program files\Microsoft Silverlight
2009-10-07 07:08 . 2009-10-07 07:08 -------- d-----w- c:\program files\Microsoft Synchronization Services
2009-10-07 07:07 . 2009-10-07 07:07 -------- d-----w- c:\documents and settings\nathan\Local Settings\Application Data\Microsoft Help
2009-10-07 07:05 . 2009-10-07 07:05 -------- d-----w- c:\program files\Microsoft.NET
2009-10-07 07:05 . 2009-10-07 14:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-07 07:05 . 2009-10-07 14:06 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2009-10-07 07:04 . 2009-10-07 07:04 -------- d-----w- c:\program files\Microsoft SDKs
2009-10-07 07:04 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-10-06 20:32 . 2009-10-06 20:35 -------- d-----w- c:\documents and settings\nathan\Local Settings\Application Data\Adobe
2009-10-05 14:18 . 2009-10-05 14:18 56 —ha-w- c:\windows\system32\ezsidmv.dat
2009-10-05 14:18 . 2009-10-25 15:01 -------- d-----w- c:\documents and settings\nathan\Application Data\skypePM
2009-10-05 14:13 . 2009-10-25 17:15 -------- d-----w- c:\documents and settings\nathan\Application Data\Skype
2009-10-05 14:12 . 2009-10-05 14:12 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-10-05 14:12 . 2009-10-05 14:13 -------- d-----r- c:\program files\Skype
2009-10-05 14:12 . 2009-10-05 14:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-01 17:35 . 2009-10-02 19:26 -------- d-----w- c:\program files\Trainer Maker Kit
2009-09-30 11:26 . 2009-10-20 14:09 -------- d-----w- c:\program files\Save Flash
2009-09-29 08:07 . 2009-10-24 13:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-29 08:07 . 2009-10-14 18:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-29 07:22 . 2009-10-08 10:45 -------- d-----w- c:\program files\Workspace Macro Pro 6.5

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-27 21:36 . 2009-08-24 11:58 -------- d-----w- c:\documents and settings\nathan\Application Data\DNA
2009-10-27 17:24 . 2009-08-24 11:58 -------- d-----w- c:\program files\DNA
2009-10-27 15:12 . 2009-08-23 18:13 -------- d-----w- c:\program files\Cheat Engine
2009-10-27 11:06 . 2009-08-27 23:48 81984 ----a-w- c:\windows\system32\bdod.bin
2009-10-25 08:01 . 2001-09-28 11:00 80508 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-25 08:01 . 2001-09-28 11:00 500454 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-16 19:45 . 2009-09-20 11:26 -------- d-----w- c:\program files\Metin2_France
2009-10-15 08:17 . 2009-08-21 21:51 -------- d-----w- c:\documents and settings\All Users\Application Data\2DBoy
2009-10-09 18:07 . 2009-08-19 20:24 14072 ----a-w- c:\documents and settings\nathan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-07 13:35 . 2009-09-20 07:08 -------- d-----w- c:\program files\Steam
2009-10-07 13:34 . 2009-09-08 15:16 -------- d-----w- c:\program files\001
2009-10-06 20:34 . 2009-08-22 12:20 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-03 06:54 . 2009-09-04 15:14 -------- d-----w- c:\program files\GamersFirst
2009-10-02 17:54 . 2009-08-28 11:36 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2009-09-29 13:34 . 2009-08-24 06:46 -------- d-----w- c:\program files\Dofus
2009-09-29 09:18 . 2009-09-19 18:40 38 ----a-w- c:\documents and settings\nathan\jagex_runescape_preferences.dat
2009-09-29 09:18 . 2009-09-19 18:40 45 ----a-w- c:\documents and settings\nathan\jagex_runescape_preferences2.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\wsbl.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\ph_white.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\ph_summ.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\ph_black.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\pcwords2.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\pcwords.dat
2009-09-25 06:46 . 2009-09-03 17:53 -------- d-----w- c:\program files\Fichiers communs\Akamai
2009-09-25 05:36 . 2009-09-25 05:36 81920 ------w- c:\windows\system32\ieencode.dll
2009-09-24 15:43 . 2009-08-20 15:52 -------- d-----w- c:\documents and settings\nathan\Application Data\SlimBrowser
2009-09-20 20:22 . 2009-09-20 20:22 -------- d-----w- c:\program files\MSBuild
2009-09-20 20:22 . 2009-09-20 20:22 -------- d-----w- c:\program files\Reference Assemblies
2009-09-19 18:38 . 2009-09-19 18:38 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-19 18:38 . 2009-09-19 18:38 -------- d-----w- c:\program files\Java
2009-09-17 19:28 . 2009-08-22 11:47 -------- d-----w- c:\documents and settings\nathan\Application Data\Spore
2009-09-16 13:58 . 2009-09-16 11:46 -------- d-----w- c:\program files\Fichiers communs\Blizzard Entertainment
2009-09-14 10:00 . 2009-09-14 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NexonEU
2009-09-14 08:46 . 2009-09-14 08:46 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2009-09-13 16:25 . 2009-09-13 16:25 -------- d-----w- c:\documents and settings\All Users\Application Data\NexonUS
2009-09-13 09:08 . 2009-09-13 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2009-09-13 09:08 . 2009-09-13 09:08 -------- d-----w- c:\program files\Pando Networks
2009-09-12 19:16 . 2009-09-12 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-09-11 14:18 . 2004-08-19 14:09 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04 . 2004-08-19 14:09 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 20:23 . 2009-09-03 20:23 -------- d-----w- c:\program files\Eidos Interactive
2009-09-03 20:17 . 2009-09-03 19:40 96 —ha-w- c:\windows\system32\HsInfo.dat
2009-09-03 17:32 . 2009-09-03 17:30 -------- d-----w- c:\program files\Windows Live
2009-09-03 17:31 . 2009-09-03 17:31 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-03 17:30 . 2009-09-03 17:30 -------- d-----w- c:\program files\Microsoft
2009-09-03 17:30 . 2009-09-03 17:30 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-03 17:23 . 2009-09-03 17:23 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-09-03 15:07 . 2009-08-19 20:22 -------- d–h--w- c:\program files\InstallShield Installation Information
2009-08-29 07:56 . 2004-08-19 14:09 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-28 11:42 . 2009-08-28 11:42 4 ----a-w- c:\windows\system32\aspdict-en.dat
2009-08-28 11:42 . 2009-08-28 11:42 16 ----a-w- c:\windows\system32\asdict.dat
2009-08-26 08:01 . 2004-08-19 14:09 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-21 22:21 . 2009-08-21 22:21 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-08-20 16:08 . 2009-08-20 16:06 4212 —h–w- c:\windows\system32\zllictbl.dat
2009-08-19 17:04 . 2009-08-19 17:04 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-06 17:24 . 2009-08-19 17:05 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2009-08-19 17:05 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2009-08-19 17:05 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2008-10-16 12:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2008-10-16 12:09 44768 ----a-w- c:\windows\system32\wups2(2).dll
2009-08-06 17:24 . 2009-08-19 17:05 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-19 14:09 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2009-08-19 17:05 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2009-09-04 14:32 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 17:23 . 2009-09-04 14:32 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 17:23 . 2009-08-19 17:05 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:00 . 2004-08-19 14:09 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 20:58 . 2004-08-19 14:04 2191232 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:28 . 2004-08-19 16:04 2068096 ----a-w- c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“msnmsgr”=“c:\program files\Windows Live\Messenger\msnmsgr.exe” [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“nwiz”=“c:\program files\NVIDIA Corporation\nView\nwiz.exe” [2009-07-08 1657376]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2009-07-14 13877248]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2009-07-14 86016]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-09-19 149280]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2009-02-27 35696]
“Malwarebytes Anti-Malware (reboot)”=“c:\program files\Malwarebytes’ Anti-Malware\mbam.exe” [2009-09-10 1312080]
“avgnt”=“c:\program files\Avira\AntiVir Desktop\avgnt.exe” [2009-03-02 209153]
“SoundMan”=“SOUNDMAN.EXE” - c:\windows\soundman.exe [2006-08-03 577536]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-13 15360]

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“c:\Program Files\DNA\btdna.exe”=
“c:\Program Files\Messenger\msmsgs.exe”=
“c:\Program Files\Windows Live\Messenger\wlcsdk.exe”=
“c:\Program Files\Windows Live\Messenger\msnmsgr.exe”=
“c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”=
“c:\Program Files\Pando Networks\Media Booster\PMB.exe”=
“c:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe”=
“c:\nexon\Combat Arms\Engine.exe”= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
“c:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe”=
“c:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe”=
“c:\Program Files\Steam\SteamApps\bestounet88\counter-strike source\hl2.exe”=
“c:\Program Files\Metin2_France\metin2.bin”=
“c:\Program Files\Steam\SteamApps\bestounet88\half-life 2 deathmatch\hl2.exe”=
“c:\Program Files\iTALC\ica.exe”=
“c:\Program Files\Skype\Phone\Skype.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“57493:TCP”= 57493:TCP:Pando Media Booster
“57493:UDP”= 57493:UDP:Pando Media Booster

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [28/10/2009 21:32 108289]
R2 icas;iTALC Client;c:\program files\iTALC\ica.exe [09/10/2009 18:34 844800]
S3 DBKDRVR54;DBKDRVR54;c:\program files\Cheat Engine\dbk32.sys [20/09/2009 09:36 36096]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier ‘Tâches planifiées’

2009-10-28 c:\windows\Tasks\WGASetup.job

  • c:\windows\system32\KB905474\wgasetup.exe [2009-08-25 20:18]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = www.google.com…
    mStart Page = www.bigseekpro.com…
    FF - ProfilePath - c:\documents and settings\nathan\Application Data\Mozilla\Firefox\Profiles\jgq821ft.default
    FF - component: c:\program files\Mozilla Firefox\extensions{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
    FF - plugin: c:\documents and settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll
    FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-10-28 22:20
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
“ImagePath”="??\c:\docume~1\nathan\LOCALS~1\Temp\ASFWHide"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

              • ‘explorer.exe’(320)
                c:\windows\system32\msi.dll
                c:\windows\system32\eappprxy.dll
                c:\windows\system32\webcheck.dll
                .
                ------------------------ Autres processus actifs ------------------------
                .
                c:\windows\system32\nvsvc32.exe
                c:\wazazuzu\CF417.exe
                c:\windows\system32\RUNDLL32.EXE
                c:\program files\Avira\AntiVir Desktop\avguard.exe
                c:\program files\Java\jre6\bin\jqs.exe
                c:\windows\system32\wscntfy.exe
                c:\wazazuzu\PEV.cfxxe
                .


.
Heure de fin: 2009-10-28 22:23 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-28 21:23

Avant-CF: 4 959 764 480 octets libres
Après-CF: 4 852 760 576 octets libres

    • End Of File - - 7D2C7D28609A361815A616058E393607

There, I'm waiting for an answer

So… I'm waiting to know what to do, because it has been more than 2-3 days now that I have had no news

Hi wazazuzu

Run CCleaner Registry and also ==> Cleaner, twice

Restart your PC

then

Go here ==> Eset Online scanner (Eset-Nod32)

Only with Explorer

==> Eset Online scanner

You have to use Internet Explorer to be able to run it (ActiveX controls).

Tick the box: Yes, I accept the Terms of use, then click Start.

Install the ActiveX controls offered.

Choose and tick the cleaning actions:

At the end of the scan, paste the report: C:\Program Files\EsetOnlineScanner\log.txt

At the end of the scan

tick the box => Uninstall the application on closing

http://i33.tinypic.com/if3f2x.png

Post the generated report

and post a new RSIT log

See you, cricri58

For ESET… there is no log.txt; however, the scan revealed 2 Win32 variants, which were cleaned, and a keylogger ^^ cleaned as well

And RSIT, here it is:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by nathan at 2009-11-02 13:10:14
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 4 GB (13%) free of 30 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:10:24, on 02/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\iTALC\ica.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\nathan\Bureau\RSIT.exe
C:\Documents and Settings\nathan\Bureau\HijackThis\nathan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.bigseekpro.com…
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: BigSeekPro Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKLM…\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: iTALC Client (icas) - Unknown owner - C:\Program Files\iTALC\ica.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


End of file - 5394 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-19 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
XBTBPos00 Class - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll [2009-09-01 2723328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4064EA35-578D-4073-A834-C96D82CBCF40} - &Save Flash - C:\Program Files\Save Flash\SaveFlash.dll [2009-01-19 1105920]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - BigSeekPro Toolbar - C:\Program Files\BigSeekPro Toolbar\tbcore3.dll [2009-09-01 2723328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“SoundMan”=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
“nwiz”=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-08 1657376]
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-19 149280]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
“Malwarebytes Anti-Malware (reboot)”=C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe [2009-09-10 1312080]
“avgnt”=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=323
“NoDriveAutoRun”=67108863
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“C:\Program Files\DNA\btdna.exe”=“C:\Program Files\DNA\btdna.exe::Enabled:DNA"
“C:\Program Files\Messenger\msmsgs.exe”="C:\Program Files\Messenger\msmsgs.exe::Enabled:Windows Messenger”
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger”
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”=“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live FolderShare"
“C:\Program Files\Pando Networks\Media Booster\PMB.exe”="C:\Program Files\Pando Networks\Media Booster\PMB.exe::Enabled:Pando Media Booster”
“C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe”=“C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe::Enabled:Nexon Game Manager"
“C:\Nexon\Combat Arms\Engine.exe”=“C:\Nexon\Combat Arms\Engine.exe:Enabled:Engine.exe"
“C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe”="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe::Enabled:NEXON_EU_Downloader_Engine”
“C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe”="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe::Enabled:Nexon Game Manager”
“C:\Program Files\Steam\SteamApps\bestounet88\counter-strike source\hl2.exe”=“C:\Program Files\Steam\SteamApps\bestounet88\counter-strike source\hl2.exe::Enabled:hl2"
“C:\Program Files\Metin2_France\metin2.bin”="C:\Program Files\Metin2_France\metin2.bin::Enabled:metin2”
“C:\Program Files\Steam\SteamApps\bestounet88\half-life 2 deathmatch\hl2.exe”=“C:\Program Files\Steam\SteamApps\bestounet88\half-life 2 deathmatch\hl2.exe::Enabled:hl2"
“C:\Program Files\iTALC\ica.exe”="C:\Program Files\iTALC\ica.exe::Enabled:iTALC Client Application (ICA)”
“C:\Program Files\Skype\Phone\Skype.exe”=“C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype”

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger”
“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”=“C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe::Enabled:Windows Live FolderShare"
“C:\Program Files\Pando Networks\Media Booster\PMB.exe”="C:\Program Files\Pando Networks\Media Booster\PMB.exe::Enabled:Pando Media Booster”
“C:\Nexon\Combat Arms\CombatArms.exe”=“C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe”
“C:\Nexon\Combat Arms\Engine.exe”=“C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe”
“C:\Nexon\Combat Arms EU\CombatArms.exe”=“C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe”
“C:\Nexon\Combat Arms EU\Engine.exe”=“C:\Nexon\Combat Arms EU\Engine.exe:Enabled:Engine.exe"
“C:\Program Files\iTALC\ica.exe”="C:\Program Files\iTALC\ica.exe::Enabled:iTALC Client Application (ICA)”

======List of files/folders created in the last 1 months======

2009-11-02 11:41:07 ----D---- C:\WINDOWS\LastGood
2009-11-02 09:44:13 ----D---- C:\Program Files\ESET
2009-10-31 00:40:43 ----D---- C:\Program Files\MSXML 4.0
2009-10-29 14:44:01 ----D---- C:\Documents and Settings\nathan\Application Data\Nero
2009-10-29 14:32:44 ----D---- C:\Program Files\Nero
2009-10-29 14:32:30 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-10-29 14:32:29 ----D---- C:\Program Files\Fichiers communs\Nero
2009-10-28 22:23:58 ----A---- C:\ComboFix.txt
2009-10-28 21:49:45 ----A---- C:\WINDOWS\zip.exe
2009-10-28 21:49:45 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-10-28 21:49:45 ----A---- C:\WINDOWS\SWSC.exe
2009-10-28 21:49:45 ----A---- C:\WINDOWS\SWREG.exe
2009-10-28 21:49:45 ----A---- C:\WINDOWS\sed.exe
2009-10-28 21:49:45 ----A---- C:\WINDOWS\PEV.exe
2009-10-28 21:49:45 ----A---- C:\WINDOWS\NIRCMD.exe
2009-10-28 21:49:45 ----A---- C:\WINDOWS\grep.exe
2009-10-28 21:32:54 ----D---- C:\Program Files\Avira
2009-10-28 21:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-10-27 18:29:39 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-10-27 09:08:27 ----D---- C:\Program Files\CCleaner
2009-10-26 20:00:32 ----HT---- C:\WINDOWS\system32\319b3cbc.dll
2009-10-26 15:14:51 ----D---- C:\WINDOWS\ERDNT
2009-10-26 14:43:26 ----D---- C:\Qoobox
2009-10-24 10:28:33 ----D---- C:\Documents and Settings\All Users\Application Data\Toolbar4
2009-10-24 10:28:32 ----D---- C:\Program Files\BigSeekPro Toolbar
2009-10-24 10:28:13 ----D---- C:\Program Files\HyCam2
2009-10-24 09:14:40 ----HT---- C:\WINDOWS\system32\24c87be.dll
2009-10-24 09:14:40 ----HT---- C:\WINDOWS\system32\1b62e530.dll
2009-10-23 15:54:59 ----D---- C:\Documents and Settings\nathan\Application Data\gtk-2.0
2009-10-23 14:54:24 ----D---- C:\Program Files\GIMP-2.0
2009-10-23 10:15:52 ----D---- C:\rsit
2009-10-21 14:11:00 ----HT---- C:\WINDOWS\system32\23766a8.dll
2009-10-20 16:54:36 ----D---- C:\Documents and Settings\nathan\Application Data\Malwarebytes
2009-10-20 16:54:32 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-19 19:32:22 ----D---- C:\Documents and Settings\nathan\Application Data\Cool Record Edit Pro
2009-10-19 19:25:33 ----D---- C:\Documents and Settings\nathan\Application Data\Free Sound Recorder
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-10-19 19:23:13 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2009-10-19 19:23:12 ----D---- C:\Program Files\Free Sound Recorder
2009-10-19 19:11:24 ----D---- C:\Program Files\River Past
2009-10-19 19:11:24 ----D---- C:\Documents and Settings\nathan\Application Data\River Past G5
2009-10-19 19:11:24 ----D---- C:\Documents and Settings\All Users\Application Data\River Past G5
2009-10-18 20:41:07 ----D---- C:\RAM Cheat
2009-10-18 20:39:28 ----D---- C:\Program Files\Nouvelle Cible Studio
2009-10-18 12:00:42 ----D---- C:\Program Files\AC Tool
2009-10-17 13:17:02 ----D---- C:\Documents and Settings\nathan\Application Data\Audacity
2009-10-15 21:51:27 ----D---- C:\Program Files\sks32
2009-10-14 19:25:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-10-14 19:25:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 19:23:36 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 19:22:34 ----D---- C:\WINDOWS\ie8updates
2009-10-14 19:21:00 ----D---- C:\WINDOWS\WBEM
2009-10-14 19:19:11 ----HDC---- C:\WINDOWS\ie8
2009-10-14 19:14:33 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-14 19:12:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 19:12:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 19:12:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 19:12:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 19:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 19:11:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 19:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-14 13:33:15 ----HT---- C:\WINDOWS\system32\41e898c.dll
2009-10-14 13:33:15 ----HT---- C:\WINDOWS\system32\21b1f2c.dll
2009-10-14 11:01:01 ----HT---- C:\WINDOWS\system32\2c34fbdc.dll
2009-10-14 11:01:01 ----HT---- C:\WINDOWS\system32\1ccfd7.dll
2009-10-13 21:35:59 ----HT---- C:\WINDOWS\system32\db0d71b.dll
2009-10-13 21:35:59 ----HT---- C:\WINDOWS\system32\11cd07a0.dll
2009-10-13 21:05:43 ----HT---- C:\WINDOWS\system32\e3bc5d8.dll
2009-10-13 21:05:43 ----HT---- C:\WINDOWS\system32\3c44bbd.dll
2009-10-13 20:40:08 ----HT---- C:\WINDOWS\system32\e68fda4.dll
2009-10-13 20:40:08 ----HT---- C:\WINDOWS\system32\24b1eeae.dll
2009-10-13 18:13:58 ----HT---- C:\WINDOWS\system32\bd26c4.dll
2009-10-13 18:13:58 ----HT---- C:\WINDOWS\system32\52c481e.dll
2009-10-13 12:48:35 ----HT---- C:\WINDOWS\system32\1d5e5b34.dll
2009-10-13 12:41:06 ----D---- C:\Program Files\Axon Data
2009-10-13 10:51:01 ----HT---- C:\WINDOWS\system32\81f7f86.dll
2009-10-13 10:51:01 ----HT---- C:\WINDOWS\system32\2b068d0.dll
2009-10-13 10:44:18 ----HT---- C:\WINDOWS\system32\20067df.dll
2009-10-13 10:44:18 ----HT---- C:\WINDOWS\system32\1c82b7c6.dll
2009-10-12 21:44:37 ----HT---- C:\WINDOWS\system32\cd47d7e.dll
2009-10-12 21:44:37 ----HT---- C:\WINDOWS\system32\21e71f6.dll
2009-10-12 21:43:56 ----HT---- C:\WINDOWS\system32\1eae2acc.dll
2009-10-12 21:43:56 ----HT---- C:\WINDOWS\system32\114ddc9c.dll
2009-10-12 19:42:25 ----HT---- C:\WINDOWS\system32\dede378.dll
2009-10-12 19:42:25 ----HT---- C:\WINDOWS\system32\74c9a8.dll
2009-10-12 17:33:57 ----HT---- C:\WINDOWS\system32\31449aa9.dll
2009-10-12 17:33:57 ----HT---- C:\WINDOWS\system32\1f15fc92.dll
2009-10-12 16:22:53 ----HT---- C:\WINDOWS\system32\30bc5680.dll
2009-10-12 16:22:53 ----HT---- C:\WINDOWS\system32\1865311e.dll
2009-10-12 15:40:36 ----HT---- C:\WINDOWS\system32\ed2f31.dll
2009-10-12 15:40:35 ----HT---- C:\WINDOWS\system32\100020a2.dll
2009-10-12 15:35:09 ----HT---- C:\WINDOWS\system32\29f0db2e.dll
2009-10-12 13:26:08 ----HT---- C:\WINDOWS\system32\32aef38.dll
2009-10-12 12:07:15 ----HT---- C:\WINDOWS\system32\863f026.dll
2009-10-12 12:07:15 ----HT---- C:\WINDOWS\system32\1b7ab94.dll
2009-10-12 11:42:41 ----HT---- C:\WINDOWS\system32\c04b3e6.dll
2009-10-11 21:35:26 ----D---- C:\Documents and Settings\nathan\Application Data\DofusOnline.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
2009-10-11 21:05:29 ----D---- C:\Program Files\Dofus 2 Online
2009-10-11 21:05:24 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2009-10-09 18:33:51 ----D---- C:\Program Files\iTALC
2009-10-09 18:32:26 ----D---- C:\Documents and Settings\nathan\Application Data\iTALC
2009-10-07 15:03:27 ----D---- C:\Program Files\Fichiers communs\Merge Modules
2009-10-07 08:09:38 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2009-10-07 08:09:13 ----D---- C:\Program Files\Microsoft SQL Server
2009-10-07 08:09:08 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-07 08:08:57 ----D---- C:\Program Files\Microsoft Synchronization Services
2009-10-07 08:05:06 ----D---- C:\Program Files\Microsoft.NET
2009-10-07 08:05:05 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2009-10-07 08:05:05 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-10-07 08:04:36 ----D---- C:\Program Files\Microsoft SDKs
2009-10-07 08:04:22 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-07 08:04:16 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-06 21:34:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-06 21:33:52 ----D---- C:\Program Files\Adobe
2009-10-06 14:23:37 ----A---- C:\WINDOWS\w32dasm8.ini
2009-10-05 15:18:08 ----D---- C:\Documents and Settings\nathan\Application Data\skypePM
2009-10-05 15:13:30 ----D---- C:\Documents and Settings\nathan\Application Data\Skype
2009-10-05 15:12:54 ----D---- C:\Program Files\Fichiers communs\Skype
2009-10-05 15:12:50 ----RD---- C:\Program Files\Skype
2009-10-05 15:12:45 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

======List of files/folders modified in the last 1 months======

2009-11-02 13:10:24 ----D---- C:\WINDOWS\Prefetch
2009-11-02 12:21:02 ----D---- C:\Program Files\Trainer Maker Kit
2009-11-02 11:47:27 ----D---- C:\WINDOWS\Temp
2009-11-02 11:41:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-02 11:41:07 ----D---- C:\WINDOWS
2009-11-02 10:24:08 ----D---- C:\WINDOWS\system32\drivers
2009-11-02 09:44:13 ----RD---- C:\Program Files
2009-11-02 09:41:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-02 00:08:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-10-31 00:40:45 ----SHD---- C:\WINDOWS\Installer
2009-10-31 00:40:44 ----D---- C:\WINDOWS\WinSxS
2009-10-31 00:40:44 ----D---- C:\WINDOWS\system32
2009-10-29 20:07:16 ----D---- C:\Program Files\Mozilla Firefox
2009-10-29 14:32:29 ----D---- C:\Program Files\Fichiers communs
2009-10-28 22:20:27 ----A---- C:\WINDOWS\system.ini
2009-10-28 22:18:41 ----D---- C:\WINDOWS\system32\config
2009-10-28 22:17:02 ----D---- C:\WINDOWS\AppPatch
2009-10-28 21:33:07 ----HD---- C:\WINDOWS\inf
2009-10-27 22:36:46 ----D---- C:\Documents and Settings\nathan\Application Data\DNA
2009-10-27 18:24:00 ----D---- C:\Program Files\DNA
2009-10-27 16:12:59 ----D---- C:\Program Files\Cheat Engine
2009-10-25 09:01:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 14:10:42 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-20 18:44:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-20 15:09:51 ----D---- C:\Program Files\Save Flash
2009-10-20 12:53:38 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-20 12:50:11 ----D---- C:\WINDOWS\system32\wbem
2009-10-20 12:50:10 ----D---- C:\WINDOWS\Registration
2009-10-20 12:49:17 ----D---- C:\WINDOWS\system32\Restore
2009-10-20 09:56:24 ----D---- C:\WINDOWS\Help
2009-10-17 07:51:19 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-16 20:45:17 ----D---- C:\Program Files\Metin2_France
2009-10-15 09:17:53 ----D---- C:\Documents and Settings\All Users\Application Data\2DBoy
2009-10-15 08:35:10 ----D---- C:\WINDOWS\system
2009-10-14 20:26:44 ----D---- C:\WINDOWS\Debug
2009-10-14 19:54:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-14 19:53:55 ----RSD---- C:\WINDOWS\assembly
2009-10-14 19:46:02 ----D---- C:\WINDOWS\system32\fr-fr
2009-10-14 19:46:02 ----D---- C:\Program Files\Internet Explorer
2009-10-14 19:20:53 ----D---- C:\WINDOWS\Media
2009-10-14 19:02:28 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-11 21:05:28 ----D---- C:\Documents and Settings\nathan\Application Data\Adobe
2009-10-09 19:02:25 ----RSD---- C:\WINDOWS\Fonts
2009-10-08 11:45:18 ----D---- C:\Program Files\Workspace Macro Pro 6.5
2009-10-07 15:07:15 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-07 15:05:00 ----SD---- C:\Documents and Settings\nathan\Application Data\Microsoft
2009-10-07 15:05:00 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-07 14:35:51 ----D---- C:\Program Files\Steam
2009-10-07 14:34:05 ----D---- C:\Program Files\001
2009-10-06 21:34:20 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-03 08:10:58 ----D---- C:\WINDOWS\system32\DirectX
2009-10-03 07:54:24 ----D---- C:\Program Files\GamersFirst

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-01-09 236544]
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\nathan\LOCALS~1\Temp\ASFWHide []
S3 catchme;catchme; \??\C:\Wazazuzu\catchme.sys []
S3 DBKDRVR54;DBKDRVR54; \??\C:\Program Files\Cheat Engine\dbk32.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 icas;iTALC Client; C:\Program Files\iTALC\ica.exe [2008-07-23 844800]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-19 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
S3 aspnet_state;Service d’état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

There you go =) :arf:
Edited on 02/11/2009 at 13:11

Hi

You added a toolbar ==> BigSeekPro Toolbar; you are bringing your troubles on yourself

Just to check, it may be nothing

1) Disable your antivirus and antispyware before the scan

Download Toolbar-S&D (by Team IDN) to your Desktop.

==>Toolbar-S&D (by Team IDN)

==>Double-click the ToolBar S&D icon on the desktop
==>On Vista, right-click and choose “Run as administrator” (privilege elevation), then -> Continue.
==>Choose F for French and confirm
==>In the ToolBar S&D main menu, choose option 1 (Recherche)
==>The Start menu and the icons will disappear; this is normal
==>The search runs; it can take several minutes, do not touch anything.
==>Once the scan is finished, the search report opens in Notepad. (If the report does not open, it can be found at C:\TB.txt)

cricri58


PS ==> re-enable your antivirus afterwards

I didn't really understand "I am bringing my troubles on myself", and what should I do with the report?

I would like to see the Toolbar S&D report

Here is the toolbar report

-----------\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon™ 64 Processor 3500+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : nathan ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:5 Go)
D:\ (Local Disk) - NTFS - Total:82 Go (Free:75 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

“C:\ToolBar SD” ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 03/11/2009|12:12 )

-----------\ Recherche de Fichiers / Dossiers …

-----------\ Extensions

(nathan) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(nathan) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar

-----------\ […\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\system32\blank.htm”
“Start Page”=“http://www.google.com/
“Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\system32\blank.htm”
“Start Page”=“http://www.bigseekpro.com/hypercam/{B5EAB3FD-2CB6-4786-BF8E-BD4ECE509FFC}
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896

--------------------\ Recherche d’autres infections

--------------------\ Cracks & Keygens …

C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Maps\Vitious\ObjectLightMap\v_crack_1661_4943.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Maps\Vitious\ObjectLightMap\v_crack_2516_4941.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\StaticMesh\StandardMesh\v_crack.smf
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FM003\Decal_crack01_FM003.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FM003\Decal_crack02_FM003.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FM003\Decal_crack03_FM003.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FMX01\D_Crackwall01.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\Santo\Decal_crack01_FM003.dds

1 - “C:\ToolBar SD\TB_1.txt” - 03/11/2009|12:12 - Option : [1]

-----------\ Fin du rapport a 12:12:48,76

:confused:

PS: If, after helping me with this thread, you could take a look at my new thread ( Problème jeux en lignes ), that would be nice; it is not very complicated and it would be useful to me
Edited on 03/11/2009 at 12:16

Hi again

Run Toolbar again in Mode 2 and post the report

Here is the report

-----------\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon™ 64 Processor 3500+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : nathan ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:5 Go)
D:\ (Local Disk) - NTFS - Total:82 Go (Free:75 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

“C:\ToolBar SD” ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 03/11/2009|12:18 )

-----------\ Recherche de Fichiers / Dossiers …

-----------\ Extensions

(nathan) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(nathan) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar

-----------\ […\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\system32\blank.htm”
“Start Page”=“http://www.google.com/
“Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\system32\blank.htm”
“Start Page”=“http://www.msn.com/
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896

--------------------\ Recherche d’autres infections

--------------------\ Cracks & Keygens …

C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Maps\Vitious\ObjectLightMap\v_crack_1661_4943.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Maps\Vitious\ObjectLightMap\v_crack_2516_4941.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\StaticMesh\StandardMesh\v_crack.smf
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FM003\Decal_crack01_FM003.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FM003\Decal_crack02_FM003.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FM003\Decal_crack03_FM003.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\FMX01\D_Crackwall01.dds
C:\DOCUME~1\nathan\Bureau\nathan\Jeux\GamersFirst\War Rock\Texture\Santo\Decal_crack01_FM003.dds

1 - “C:\ToolBar SD\TB_1.txt” - 03/11/2009|12:12 - Option : [1]
2 - “C:\ToolBar SD\TB_2.txt” - 03/11/2009|12:19 - Option : [2]

-----------\ Fin du rapport a 12:19:00,98

Hi again

I thought you had installed a cr@p toolbar

Do this

Launch HijackThis

VISTA: right-click HijackThis / Run as administrator!

Click ==> Do a System Scan Only

Tick these lines

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com

Close your other applications except ==> HijackThis (of course)

and click ==> Fix Checked

and come back

There, it's done :smiley:

Hi again

Disable your antivirus

Download OTM by OldTimer to the desktop:

==>OTM by OldTimer

Double-click OTM.exe on the desktop

--> on VISTA: right-click: Run as administrator.

  • Make sure the Unregister Dll’s and Ocx’s box is ticked

  • Copy the text in the quote and paste it into the left-hand pane of OTMoveIt named Paste Instructions for Items to be Moved

  • Click MoveIt! to start the removal.
  • Close OTM

Your PC will restart to finish the removal; if it does not do so by itself, restart it.

Post the OTM report, which is in C:\_OTM\MovedFiles.

Re-enable your antivirus

then

  1. Download ToolsCleaner! by A.Rothstein to remove the programs used during the procedure.

==>ToolsCleaner2

==> Save ToolsCleaner2.exe to the Desktop.
On Vista, right-click > Run as administrator
==> Double-click it, then click Recherche --> The program will look for the installed utilities
------> The window may turn white during the scan; this is normal!
==> Copy and paste the contents of the report that appears in the white window.

Sorry, but you must have missed a step …

I launch OTM.exe and what do I do after that :confused: ?

PS: Could I have your MSN address, because I would like to talk to you about something, but not on the forum :confused:

And which could be of great help

( it is a bit about my private life …)
Edited on 06/11/2009 at 21:40