[RESOLU] Gros Probleme ( drsmarload ,Search bar )

En cherchant un peu j ai trouver une page firefox dans Local Settings qui se nomme Bartar jsais pas trop cque c est et j arrive pas a le supprimer

Bonjour,

Télécharge combofix.exe (par sUBs) sur ton Bureau

Double clique combofix.exe.

Tape sur la touche Y (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Soufian - 06-10-18 13:49:57,89 Service Pack 1
ComboFix 06.10.16 - Running from: "C:\Documents and Settings\Soufian\Bureau"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\keyboard1.dat


((((((((((((((((((((((((((((((( Files Created from 2006-09-18 to 2006-10-18 ))))))))))))))))))))))))))))))))))


2006-10-18 13:25 110,592 -r-hs---- C:\WINDOWS\win32logon.exe
2006-10-17 14:46 21,760 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
2006-10-17 14:45 8,760 --a------ C:\WINDOWS\system32\x.exe
2006-10-16 17:41 45,525 --a------ C:\WINDOWS\system32\lgiptbci.dll
2006-10-15 12:09 110,592 -r-hs---- C:\WINDOWS\win32bootconfig.exe
2006-10-15 12:09 110,592 --a------ C:\WINDOWS\system32\eraseme_48585.exe
2006-10-14 21:15 45,525 --a------ C:\WINDOWS\system32\euqhmhep.dll
2006-10-14 15:43 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2006-10-14 15:05 45,525 --a------ C:\WINDOWS\system32\ukjcplxv.dll
2006-10-14 14:15 76,800 --a------ C:\WINDOWS\system32\eraseme_68500.exe
2006-10-13 17:05 76,288 -r-hs---- C:\WINDOWS\system32\lsscs.exe
2006-10-09 18:51 45,525 --a------ C:\WINDOWS\system32\nnixkuej.dll
2006-10-09 16:39 372 --a------ C:\WINDOWS\pwr.exe
2006-10-09 16:39 16,384 --a------ C:\WINDOWS\dov9.exe
2006-10-08 21:36 45,525 --a------ C:\WINDOWS\system32\fkhpqmvn.dll
2006-10-04 18:26 86,036 --a------ C:\WINDOWS\system32\oibtvlvc.dll
2006-10-03 14:55 20,480 --a------ C:\WINDOWS\system32\hidserv.dll
2006-10-03 14:54 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2006-10-02 20:30 45,525 --a------ C:\WINDOWS\system32\bjtofaeh.dll
2006-10-02 17:31 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2006-10-01 18:18 45,525 --a------ C:\WINDOWS\system32\pfdmmanw.dll
2006-10-01 13:40 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-09-30 20:38 40,973 ---hs---- C:\WINDOWS\system32\fccawtr.dll
2006-09-30 20:38 40,973 ---hs---- C:\WINDOWS\system32\awtuust.dll
2006-09-30 20:12 45,525 --a------ C:\WINDOWS\system32\kjpegqdt.dll
2006-09-30 19:48 40,973 ---hs---- C:\WINDOWS\system32\gebbxyy.dll
2006-09-30 19:13 40,973 ---hs---- C:\WINDOWS\system32\efccaab.dll
2006-09-30 19:02 40,973 ---hs---- C:\WINDOWS\system32\hggghhf.dll
2006-09-30 18:57 76,800 -r-hs---- C:\WINDOWS\system32\lsyss.exe
2006-09-30 18:55 40,973 ---hs---- C:\WINDOWS\system32\wvutspn.dll
2006-09-30 18:49 477 ---hs---- C:\WINDOWS\system32\efhkj.ini2
2006-09-30 12:27 40,973 ---hs---- C:\WINDOWS\system32\awttutu.dll
2006-09-30 11:35 40,973 ---hs---- C:\WINDOWS\system32\gebbyvu.dll
2006-09-29 21:37 86,068 --a------ C:\WINDOWS\system32\aaqmclfb.dll
2006-09-29 21:37 45,525 --a------ C:\WINDOWS\system32\sswrbgnx.dll
2006-09-29 21:36 735,274 ---hs---- C:\WINDOWS\system32\efhkj.bak2
2006-09-29 21:36 143,380 --a------ C:\WINDOWS\system32\yumudxvi.exe
2006-09-29 19:24 180,224 --a------ C:\WINDOWS\system32\plscder.exe
2006-09-29 18:38 40,973 ---hs---- C:\WINDOWS\system32\khfdcdb.dll
2006-09-29 17:06 40,973 ---hs---- C:\WINDOWS\system32\ddcbayw.dll
2006-09-29 17:01 40,973 ---hs---- C:\WINDOWS\system32\jkklljh.dll
2006-09-22 17:07 178,408 --a------ C:\WINDOWS\system32\muweb.dll
2006-09-22 17:07 128,744 --a------ C:\WINDOWS\system32\mucltui.dll
2006-09-21 21:22 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-09-21 21:22 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-09-21 21:22 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-09-21 21:22 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-09-21 21:22 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-09-21 21:22 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-09-21 21:22 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-09-21 20:25 310,272 --a------ C:\WINDOWS\system32\winhttp.dll
2006-09-21 20:25 223,232 --a------ C:\WINDOWS\system32\qmgr.dll
2006-09-21 20:25 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-09-21 20:23 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-09-21 20:19 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2006-09-21 20:19 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2006-09-21 20:08 75,544 --a------ C:\WINDOWS\system32\cdm.dll
2006-09-21 20:08 467,224 --a------ C:\WINDOWS\system32\wuapi.dll
2006-09-21 20:08 41,240 --a------ C:\WINDOWS\system32\wups.dll
2006-09-21 20:08 198,424 --a------ C:\WINDOWS\system32\iuengine.dll
2006-09-21 20:08 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll
2006-09-21 20:08 175,896 --a------ C:\WINDOWS\system32\wuauclt1.exe
2006-09-21 20:08 128,792 --a------ C:\WINDOWS\system32\wucltui.dll
2006-09-21 20:08 125,720 --a------ C:\WINDOWS\system32\wuauclt.exe
2006-09-21 20:08 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2006-09-21 19:49 77,440 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-09-21 19:49 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2006-09-21 19:49 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2006-09-21 19:49 5,888 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-09-21 19:49 2,816 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-09-21 19:49 159,360 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-09-21 19:49 142,208 --a------ C:\WINDOWS\system32\drivers\aec.sys
2006-09-21 19:48 9,856 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2006-09-21 19:48 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2006-09-21 19:48 57,728 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2006-09-21 19:48 56,832 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-09-21 19:48 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2006-09-21 19:48 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys
2006-09-21 19:47 70,144 --a------ C:\WINDOWS\system32\usbui.dll
2006-09-21 19:46 86,044 --a------ C:\WINDOWS\system32\dgsetup.dll
2006-09-21 19:46 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2006-09-21 19:46 73,216 --a------ C:\WINDOWS\system32\storprop.dll
2006-09-21 19:46 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2006-09-21 19:46 67,584 --a------ C:\WINDOWS\NOTEPAD.EXE
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2006-09-21 19:46 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2006-09-21 19:46 6,656 --a------ C:\WINDOWS\system32\batt.dll
2006-09-21 19:46 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2006-09-21 19:46 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2006-09-21 19:46 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2006-09-21 19:46 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2006-09-21 19:46 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2006-09-21 19:46 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2006-09-21 19:46 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdycc.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbduzb.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdur.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdtat.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdru1.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdru.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdkaz.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdbu.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdblr.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2006-09-21 19:46 5,632 -ra------ C:\WINDOWS\system32\kbdaze.dll
2006-09-21 19:46 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-09-21 19:46 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2006-09-21 19:46 15,872 --a------ C:\WINDOWS\TASKMAN.EXE
2006-09-21 19:46 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-09-21 19:46 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2006-09-21 19:46 10,496 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2006-09-21 19:43 73,728 --a------ C:\WINDOWS\system32\Oemdspif.dll
2006-09-21 19:43 601,760 --a------ C:\WINDOWS\system32\ativvaxx.dll
2006-09-21 19:43 6,680,576 --a------ C:\WINDOWS\system32\atioglx1.dll
2006-09-21 19:43 53,248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2006-09-21 19:43 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2006-09-21 19:43 46,080 --a------ C:\WINDOWS\system32\ati2evxx.dll
2006-09-21 19:43 40,960 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
2006-09-21 19:43 4,841,472 --a------ C:\WINDOWS\system32\atioglxx.dll
2006-09-21 19:43 39,936 --a------ C:\WINDOWS\system32\ati2edxx.dll
2006-09-21 19:43 376,832 --a------ C:\WINDOWS\system32\ati2evxx.exe
2006-09-21 19:43 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2006-09-21 19:43 258,048 --a------ C:\WINDOWS\system32\ATIDEMGR.dll
2006-09-21 19:43 25,088 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2006-09-21 19:43 241,664 --a------ C:\WINDOWS\system32\ati2dvag.dll
2006-09-21 19:43 233,472 --a------ C:\WINDOWS\system32\ati2cqag.dll
2006-09-21 19:43 2,433,152 --a------ C:\WINDOWS\system32\ati3duag.dll
2006-09-21 19:43 17,408 --a------ C:\WINDOWS\system32\atitvo32.dll
2006-09-21 19:43 147,456 --a------ C:\WINDOWS\system32\atikvmag.dll
2006-09-21 19:43 106,496 --a------ C:\WINDOWS\system32\atipdlxx.dll
2006-09-21 19:43 1,351,680 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2006-09-21 19:31 50,688 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-09-21 19:28 90,112 --a------ C:\WINDOWS\system32\AMEUninst2000.exe
2006-09-21 19:28 81,920 --a------ C:\WINDOWS\system32\NotifyPhoneBook.exe
2006-09-21 19:28 65,536 --a------ C:\WINDOWS\system32\RasXP.exe
2006-09-21 19:28 6,511 --a------ C:\WINDOWS\system32\drivers\StrFilter.sys
2006-09-21 19:28 45,056 --a------ C:\WINDOWS\system32\InstallHardware.exe
2006-09-21 19:28 45,056 --a------ C:\WINDOWS\system32\GainSettings.exe
2006-09-21 19:28 36,864 --a------ C:\WINDOWS\system32\Ras2000.exe
2006-09-21 19:28 36,864 --a------ C:\WINDOWS\system32\CustomizeNdisParams.exe
2006-09-21 19:28 36,864 --a------ C:\WINDOWS\system32\AMEInstall.exe
2006-09-21 19:28 36,864 --------- C:\WINDOWS\system32\Api32.dll
2006-09-21 19:28 323,584 --------- C:\WINDOWS\system32\MultLang.dll
2006-09-21 19:28 32,768 --a------ C:\WINDOWS\system32\SetIpConfig2000Xp.exe
2006-09-21 19:28 32,768 --a------ C:\WINDOWS\system32\RemDial.exe
2006-09-21 19:28 28,672 --a------ C:\WINDOWS\system32\RShort2k.exe
2006-09-21 19:28 28,672 --a------ C:\WINDOWS\system32\RemoveElan.exe
2006-09-21 19:28 28,672 --a------ C:\WINDOWS\system32\PnpFix.exe
2006-09-21 19:28 28,672 --a------ C:\WINDOWS\system32\AMELaunchUninst.exe
2006-09-21 19:28 24,576 --a------ C:\WINDOWS\system32\AMECSARemove.exe
2006-09-21 19:28 24,576 --------- C:\WINDOWS\system32\RenCSA.exe
2006-09-21 19:28 24,576 --------- C:\WINDOWS\system32\DelCSA.exe
2006-09-21 19:28 204,800 --------- C:\WINDOWS\system32\WaitMsg.exe
2006-09-21 19:28 12,507 --------- C:\WINDOWS\system32\Snetcfg.exe
2006-09-21 19:28 118,391 --a------ C:\WINDOWS\system32\drivers\ameatmpc.sys
2006-09-21 19:28 118,391 --------- C:\WINDOWS\system32\ameatmpc.sys
2006-09-21 19:28 110,592 --------- C:\WINDOWS\system32\Utility.exe
2006-09-21 19:28 106,496 --------- C:\WINDOWS\system32\Cleanup.exe
2006-09-21 19:25 57,344 --a------ C:\WINDOWS\system32\csnpstd.dll
2006-09-21 19:25 53,248 --a------ C:\WINDOWS\system32\dsnpstd.dll
2006-09-21 19:25 40,960 --a------ C:\WINDOWS\vsnpstd.exe
2006-09-21 19:25 40,960 --a------ C:\WINDOWS\CleanDev.exe
2006-09-21 19:25 36,864 --a------ C:\WINDOWS\system32\vsnpstd.dll
2006-09-21 19:25 299,776 --a------ C:\WINDOWS\system32\drivers\snpstd.sys
2006-09-21 19:25 245,408 --a------ C:\WINDOWS\Unicows.dll
2006-09-21 19:22 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2006-09-21 19:22 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2006-09-21 19:22 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2006-09-21 19:22 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2006-09-21 19:22 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2006-09-21 19:22 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe
2006-09-21 19:22 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2006-09-21 19:22 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-09-21 19:22 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2006-09-21 19:22 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2006-09-21 19:22 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2006-09-21 19:22 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2006-09-21 19:22 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys
2006-09-21 19:22 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2006-09-21 19:22 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys
2006-09-21 19:22 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys
2006-09-21 19:22 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2006-09-21 19:22 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll
2006-09-21 19:22 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll
2006-09-21 19:21 65,536 --a------ C:\WINDOWS\system32\ATKOGL.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\asrussian.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\askorean.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\asjapan.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\asgerman.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\asfrench.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\aseng.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\ASCHT.dll
2006-09-21 19:21 45,056 --a------ C:\WINDOWS\system32\aschs.dll
2006-09-21 19:21 253,952 --a------ C:\WINDOWS\ATKKBService.exe
2006-09-21 19:21 23,040 --a------ C:\WINDOWS\system32\drivers\atkkbnt.sys
2006-09-21 19:21 2,019,840 --a------ C:\WINDOWS\system32\ATKOSDX.dll
2006-09-21 19:21 198,752 --a------ C:\WINDOWS\system32\ATKDISP.dll
2006-09-21 19:21 12,288 --a------ C:\WINDOWS\system32\ATKOSDMini.DLL
2006-09-21 19:21 1,975,936 --a------ C:\WINDOWS\system32\drivers\Bravo.sys
2006-09-21 19:21 1,617,920 --a------ C:\WINDOWS\system32\ATKDispCPL.dll
2006-09-21 19:17 11,264 -r------- C:\WINDOWS\system32\drivers\EIO.sys
2006-09-21 19:16 962,612 --a------ C:\WINDOWS\system32\mfc42d.dll
2006-09-21 19:16 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
2006-09-21 19:14 845,968 C:\WINDOWS\system32AI - Series.scr
2006-09-21 19:09 99,840 --a------ C:\WINDOWS\system32\dmsynth.dll
2006-09-21 19:09 94,720 --a------ C:\WINDOWS\system32\dmusic.dll
2006-09-21 19:09 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2006-09-21 19:09 794,624 --a------ C:\WINDOWS\system32\dxdiag.exe
2006-09-21 19:09 791,040 --a------ C:\WINDOWS\system32\d3dim700.dll
2006-09-21 19:09 77,824 --a------ C:\WINDOWS\system32\gcdef.dll
2006-09-21 19:09 77,312 --a------ C:\WINDOWS\system32\dmscript.dll
2006-09-21 19:09 734,208 --a------ C:\WINDOWS\system32\qedwipes.dll
2006-09-21 19:09 67,072 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2006-09-21 19:09 63,488 --a------ C:\WINDOWS\system32\amstream.dll
2006-09-21 19:09 595,456 --a------ C:\WINDOWS\system32\dx7vb.dll
2006-09-21 19:09 590,336 --a------ C:\WINDOWS\system32\d3dramp.dll
2006-09-21 19:09 58,368 --a------ C:\WINDOWS\system32\dpvsetup.exe
2006-09-21 19:09 57,344 --a------ C:\WINDOWS\system32\dmcompos.dll
2006-09-21 19:09 56,320 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2006-09-21 19:09 513,024 --a------ C:\WINDOWS\system32\qedit.dll
2006-09-21 19:09 51,712 --a------ C:\WINDOWS\system32\devenum.dll
2006-09-21 19:09 49,664 --a------ C:\WINDOWS\system32\dpwsockx.dll
2006-09-21 19:09 47,616 --a------ C:\WINDOWS\system32\d3dxof.dll
2006-09-21 19:09 46,592 --a------ C:\WINDOWS\system32\wstdecod.dll
2006-09-21 19:09 44,032 --a------ C:\WINDOWS\system32\dimap.dll
2006-09-21 19:09 436,224 --a------ C:\WINDOWS\system32\d3dim.dll
2006-09-21 19:09 395,264 --a------ C:\WINDOWS\system32\diactfrm.dll
2006-09-21 19:09 38,400 --a------ C:\WINDOWS\system32\dpnlobby.dll
2006-09-21 19:09 358,400 --a------ C:\WINDOWS\system32\qdvd.dll
2006-09-21 19:09 350,208 --a------ C:\WINDOWS\system32\d3drm.dll
2006-09-21 19:09 34,816 --a------ C:\WINDOWS\system32\d3dpmesh.dll
2006-09-21 19:09 338,944 --a------ C:\WINDOWS\system32\dsound.dll
2006-09-21 19:09 33,280 --a------ C:\WINDOWS\system32\mciqtz32.dll
2006-09-21 19:09 31,744 --a------ C:\WINDOWS\system32\pid.dll
2006-09-21 19:09 31,744 --a------ C:\WINDOWS\system32\dmloader.dll
2006-09-21 19:09 3,840 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2006-09-21 19:09 29,696 --a------ C:\WINDOWS\system32\dpnhpast.dll
2006-09-21 19:09 266,752 --a------ C:\WINDOWS\system32\qdv.dll
2006-09-21 19:09 26,112 --a------ C:\WINDOWS\system32\dpnaddr.dll
2006-09-21 19:09 26,112 --a------ C:\WINDOWS\system32\dplaysvr.exe
2006-09-21 19:09 26,112 --a------ C:\WINDOWS\system32\dmband.dll
2006-09-21 19:09 253,440 --a------ C:\WINDOWS\system32\ddraw.dll
2006-09-21 19:09 24,064 --a------ C:\WINDOWS\system32\dpvacm.dll
2006-09-21 19:09 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll
2006-09-21 19:09 212,992 --a------ C:\WINDOWS\system32\dplayx.dll
2006-09-21 19:09 21,504 --a------ C:\WINDOWS\system32\dpmodemx.dll
2006-09-21 19:09 207,360 --a------ C:\WINDOWS\system32\dpvoice.dll
2006-09-21 19:09 193,536 --a------ C:\WINDOWS\system32\mswebdvd.dll
2006-09-21 19:09 184,832 --a------ C:\WINDOWS\system32\qcap.dll
2006-09-21 19:09 18,944 --a------ C:\WINDOWS\system32\dpnsvr.exe
2006-09-21 19:09 175,104 --a------ C:\WINDOWS\system32\dinput8.dll
2006-09-21 19:09 172,544 --a------ C:\WINDOWS\system32\dmime.dll
2006-09-21 19:09 165,888 --a------ C:\WINDOWS\system32\dsdmo.dll
2006-09-21 19:09 16,896 --a------ C:\WINDOWS\system32\dswave.dll
2006-09-21 19:09 16,384 --a------ C:\WINDOWS\system32\msyuv.dll
2006-09-21 19:09 158,208 --a------ C:\WINDOWS\system32\dinput.dll
2006-09-21 19:09 156,672 --a------ C:\WINDOWS\system32\dpnet.dll
2006-09-21 19:09 12,288 --a------ C:\WINDOWS\system32\encapi.dll
2006-09-21 19:09 113,152 --a------ C:\WINDOWS\system32\dpvvox.dll
2006-09-21 19:09 110,080 --a------ C:\WINDOWS\system32\dmstyle.dll
2006-09-21 19:09 11,264 --a------ C:\WINDOWS\system32\msdmo.dll
2006-09-21 19:09 1,293,824 --a------ C:\WINDOWS\system32\dsound3d.dll
2006-09-21 19:09 1,225,216 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-09-21 19:09 1,185,792 --a------ C:\WINDOWS\system32\dx8vb.dll
2006-09-21 19:09 1,180,672 --a------ C:\WINDOWS\system32\d3d8.dll
2006-09-21 19:09 1,148,928 --a------ C:\WINDOWS\system32\quartz.dll
2006-09-21 19:08 5,120 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2006-09-21 19:08 4,962 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2006-09-21 19:08 306,688 --a------ C:\WINDOWS\IsUninst.exe
2006-09-21 19:08 3,328 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2006-09-21 19:08 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll
2006-09-21 19:07 43,008 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2006-09-21 19:06 9,324,032 --a------ C:\WINDOWS\system32\RTLCPL.EXE
2006-09-21 19:06 77,824 --a------ C:\WINDOWS\SOUNDMAN.EXE
2006-09-21 19:06 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-09-21 19:06 44,416 --a------ C:\WINDOWS\system32\drivers\stream.sys
2006-09-21 19:06 40,960 --------- C:\WINDOWS\system32\ChCfg.exe
2006-09-21 19:06 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-09-21 19:06 294,912 --------- C:\WINDOWS\alcupd.exe
2006-09-21 19:06 200,704 --------- C:\WINDOWS\alcrmv.exe
2006-09-21 19:06 2,317,504 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2006-09-21 19:06 192,512 --------- C:\WINDOWS\RtlExUpd.dll
2006-09-21 19:06 156,672 --a------ C:\WINDOWS\system32\RTLCPAPI.dll
2006-09-21 19:06 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2006-09-21 19:04 454,656 --a------ C:\WINDOWS\system32\CapabilityTable.exe
2006-09-21 19:04 100,096 -ra------ C:\WINDOWS\system32\drivers\NVTCP.SYS
2006-09-21 19:03 92,800 -ra------ C:\WINDOWS\system32\drivers\nvata.sys
2006-09-21 19:03 9,728 -ra------ C:\WINDOWS\system32\bdco1ins.dll
2006-09-21 19:03 9,728 -ra------ C:\WINDOWS\system32\bdco1.dll
2006-09-21 19:03 63,360 --a------ C:\WINDOWS\system32\drivers\pci.sys
2006-09-21 19:03 5,810 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys
2006-09-21 19:03 33,536 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2006-09-21 19:03 32,256 -ra------ C:\WINDOWS\system32\nvconrm.dll
2006-09-21 19:03 300,032 -ra------ C:\WINDOWS\system32\idecoi.dll
2006-09-21 19:03 261,888 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2006-09-21 19:03 208,256 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2006-09-21 19:03 201,728 -ra------ C:\WINDOWS\system32\fdco1ins.dll
2006-09-21 19:03 201,728 -ra------ C:\WINDOWS\system32\fdco1.dll
2006-09-21 19:03 176,128 -ra------ C:\WINDOWS\system32\nvusmb.exe
2006-09-21 19:03 176,128 --a------ C:\WINDOWS\system32\nvunrm.exe
2006-09-21 19:03 176,128 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-09-21 19:03 12,928 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2006-09-21 19:02 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2006-09-21 18:56 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2006-09-21 18:56 0 -rahs---- C:\MSDOS.SYS
2006-09-21 18:56 0 -rahs---- C:\IO.SYS
2006-09-21 18:56 0 --a------ C:\CONFIG.SYS
2006-09-21 18:56 0 --a------ C:\AUTOEXEC.BAT
2006-09-21 18:54 9,728 --a------ C:\WINDOWS\system32\mstinit.exe
2006-09-21 18:54 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2006-09-21 18:54 81,408 --a------ C:\WINDOWS\system32\msoert2.dll
2006-09-21 18:54 73,728 --a------ C:\WINDOWS\system32\ils.dll
2006-09-21 18:54 72,192 --a------ C:\WINDOWS\system32\acctres.dll
2006-09-21 18:54 69,632 --a------ C:\WINDOWS\system32\icwdial.dll
2006-09-21 18:54 69,376 --a------ C:\WINDOWS\system32\drivers\sr.sys
2006-09-21 18:54 65,536 --a------ C:\WINDOWS\system32\msconf.dll
2006-09-21 18:54 63,488 --a------ C:\WINDOWS\system32\srclient.dll
2006-09-21 18:54 61,440 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-09-21 18:54 587,776 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-09-21 18:54 50,176 --a------ C:\WINDOWS\system32\inetres.dll
2006-09-21 18:54 40,960 --a------ C:\WINDOWS\system32\safrslv.dll
2006-09-21 18:54 39,424 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-09-21 18:54 33,792 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-09-21 18:54 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-09-21 18:54 32,256 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-09-21 18:54 28,672 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-09-21 18:54 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-09-21 18:54 26,624 --a------ C:\WINDOWS\system32\safrdm.dll
2006-09-21 18:54 256,512 --a------ C:\WINDOWS\system32\mstask.dll
2006-09-21 18:54 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-09-21 18:54 228,864 --a------ C:\WINDOWS\system32\srrstr.dll
2006-09-21 18:54 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-09-21 18:54 161,280 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-09-21 18:54 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2006-09-21 18:54 159,232 --a------ C:\WINDOWS\system32\srsvc.dll
2006-09-21 18:54 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2006-09-21 18:54 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2006-09-21 18:52 9,728 --a------ C:\WINDOWS\system32\xolehlp.dll
2006-09-21 18:52 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-09-21 18:52 9,216 --a------ C:\WINDOWS\system32\icaapi.dll
2006-09-21 18:52 88,576 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2006-09-21 18:52 869,376 --a------ C:\WINDOWS\system32\msdtctm.dll
2006-09-21 18:52 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2006-09-21 18:52 83,968 --a------ C:\WINDOWS\system32\mtxoci.dll
2006-09-21 18:52 82,432 --a------ C:\WINDOWS\system32\comrepl.dll
2006-09-21 18:52 80,896 --a------ C:\WINDOWS\system32\charmap.exe
2006-09-21 18:52 75,912 --a------ C:\WINDOWS\system32\rdpwsx.dll
2006-09-21 18:52 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2006-09-21 18:52 634,880 --a------ C:\WINDOWS\system32\getuname.dll
2006-09-21 18:52 61,952 --a------ C:\WINDOWS\system32\rdshost.exe
2006-09-21 18:52 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2006-09-21 18:52 598,016 --a------ C:\WINDOWS\system32\mstscax.dll
2006-09-21 18:52 582,656 --a------ C:\WINDOWS\system32\catsrvut.dll
2006-09-21 18:52 57,856 --a------ C:\WINDOWS\system32\remotepg.dll
2006-09-21 18:52 57,856 --a------ C:\WINDOWS\system32\licwmi.dll
2006-09-21 18:52 57,344 --a------ C:\WINDOWS\system32\sol.exe
2006-09-21 18:52 56,832 --a------ C:\WINDOWS\system32\colbact.dll
2006-09-21 18:52 55,808 --a------ C:\WINDOWS\system32\freecell.exe
2006-09-21 18:52 54,784 --a------ C:\WINDOWS\system32\msdtclog.dll
2006-09-21 18:52 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2006-09-21 18:52 534,528 --a------ C:\WINDOWS\system32\spider.exe
2006-09-21 18:52 53,248 --a------ C:\WINDOWS\system32\servdeps.dll
2006-09-21 18:52 5,632 --a------ C:\WINDOWS\system32\write.exe
2006-09-21 18:52 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2006-09-21 18:52 497,152 --a------ C:\WINDOWS\system32\hypertrm.dll
2006-09-21 18:52 495,616 --a------ C:\WINDOWS\system32\comuid.dll
2006-09-21 18:52 468,480 --a------ C:\WINDOWS\system32\clbcatq.dll
2006-09-21 18:52 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2006-09-21 18:52 44,032 --a------ C:\WINDOWS\system32\rdpclip.exe
2006-09-21 18:52 40,960 --a------ C:\WINDOWS\system32\tscupgrd.exe
2006-09-21 18:52 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2006-09-21 18:52 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2006-09-21 18:52 393,216 --a------ C:\WINDOWS\system32\mstsc.exe
2006-09-21 18:52 38,024 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2006-09-21 18:52 359,936 --a------ C:\WINDOWS\system32\msdtcprx.dll
2006-09-21 18:52 35,840 --a------ C:\WINDOWS\system32\winchat.exe
2006-09-21 18:52 344,576 --a------ C:\WINDOWS\system32\mspaint.exe
2006-09-21 18:52 33,792 --a------ C:\WINDOWS\system32\regini.exe
2006-09-21 18:52 33,280 --a------ C:\WINDOWS\system32\cfgbkend.dll
2006-09-21 18:52 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2006-09-21 18:52 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2006-09-21 18:52 232,960 --a------ C:\WINDOWS\system32\avtapi.dll
2006-09-21 18:52 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe
2006-09-21 18:52 22,528 --a------ C:\WINDOWS\system32\msg.exe
2006-09-21 18:52 215,040 --a------ C:\WINDOWS\system32\catsrv.dll
2006-09-21 18:52 202,752 --a------ C:\WINDOWS\system32\termsrv.dll
2006-09-21 18:52 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2006-09-21 18:52 20,232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2006-09-21 18:52 19,456 --a------ C:\WINDOWS\system32\qprocess.exe
2006-09-21 18:52 185,344 --a------ C:\WINDOWS\system32\accwiz.exe
2006-09-21 18:52 182,400 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2006-09-21 18:52 180,736 --a------ C:\WINDOWS\system32\cmprops.dll
2006-09-21 18:52 17,408 --a------ C:\WINDOWS\system32\tsshutdn.exe
2006-09-21 18:52 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe
2006-09-21 18:52 16,896 --a------ C:\WINDOWS\system32\tskill.exe
2006-09-21 18:52 16,896 --a------ C:\WINDOWS\system32\mmfutil.dll
2006-09-21 18:52 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe
2006-09-21 18:52 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2006-09-21 18:52 151,040 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2006-09-21 18:52 15,872 --a------ C:\WINDOWS\system32\logoff.exe
2006-09-21 18:52 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2006-09-21 18:52 15,360 --a------ C:\WINDOWS\system32\tscon.exe
2006-09-21 18:52 15,360 --a------ C:\WINDOWS\system32\shadow.exe
2006-09-21 18:52 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2006-09-21 18:52 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2006-09-21 18:52 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll
2006-09-21 18:52 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe
2006-09-21 18:52 135,680 --a------ C:\WINDOWS\system32\rdchost.dll
2006-09-21 18:52 130,560 --a------ C:\WINDOWS\system32\sessmgr.exe
2006-09-21 18:52 128,000 --a------ C:\WINDOWS\system32\mshearts.exe
2006-09-21 18:52 125,952 --a------ C:\WINDOWS\system32\sndrec32.exe
2006-09-21 18:52 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe
2006-09-21 18:52 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2006-09-21 18:52 118,272 --a------ C:\WINDOWS\system32\mplay32.exe
2006-09-21 18:52 115,976 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2006-09-21 18:52 115,200 --a------ C:\WINDOWS\system32\calc.exe
2006-09-21 18:52 11,144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2006-09-21 18:52 100,864 --a------ C:\WINDOWS\system32\clbcatex.dll
2006-09-21 18:52 100,352 --a------ C:\WINDOWS\system32\clipbrd.exe
2006-09-21 18:52 10,240 --a------ C:\WINDOWS\system32\reset.exe
2006-09-21 18:52 1,263 --a------ C:\WINDOWS\system32\usrlogon.cmd
2006-09-21 18:52 1,172,992 --a------ C:\WINDOWS\system32\comsvcs.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-18 13:48 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-18 13:34 -------- d-------- C:\Program Files\Fichiers communs\iS3
2006-10-18 13:34 -------- d-------- C:\Program Files\Fichiers communs
2006-10-14 20:28 -------- d-------- C:\Program Files\MSN Messenger
2006-10-14 20:28 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-10-14 20:22 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-10-14 15:43 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-14 15:43 -------- d-------- C:\Program Files\Custom-Strike
2006-10-14 14:35 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Sun
2006-10-14 14:32 -------- d-------- C:\Program Files\Java
2006-10-14 14:20 -------- d-------- C:\Program Files\Fichiers communs\Java
2006-10-09 19:14 -------- d-------- C:\Program Files\Slayers Online
2006-10-08 13:38 -------- d-------- C:\Program Files\Yahoo!
2006-10-04 17:27 -------- d---s---- C:\Documents and Settings\Soufian\Application Data\Microsoft
2006-10-02 19:06 -------- d-------- C:\Program Files\Mozilla Thunderbird
2006-10-02 18:45 -------- d-------- C:\Program Files\TrackMania Nations ESWC
2006-09-24 19:36 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Adobe
2006-09-23 13:22 -------- d-------- C:\Program Files\Riva
2006-09-23 13:22 -------- d-------- C:\Program Files\Fichiers communs\SWF Studio
2006-09-23 13:05 -------- d-------- C:\Program Files\YouTUBE (TM) movie downloader
2006-09-23 11:54 -------- d-------- C:\Program Files\Valve
2006-09-22 21:13 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Thunderbird
2006-09-22 21:13 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Talkback
2006-09-22 21:13 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Mozilla
2006-09-22 20:23 -------- d-------- C:\Program Files\Windows Media Player
2006-09-22 17:07 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-09-22 16:54 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Macromedia
2006-09-21 21:30 -------- d-------- C:\Program Files\CCleaner
2006-09-21 21:28 -------- d-------- C:\Program Files\Google
2006-09-21 21:28 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Google
2006-09-21 21:22 -------- d-------- C:\Program Files\Alwil Software
2006-09-21 21:06 -------- d-------- C:\Documents and Settings\Soufian\Application Data\vlc
2006-09-21 20:45 -------- d-------- C:\Program Files\xp-AntiSpy
2006-09-21 20:43 -------- d-------- C:\Program Files\Lavasoft
2006-09-21 20:43 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Lavasoft
2006-09-21 20:36 -------- d-------- C:\Program Files\Shareaza
2006-09-21 20:36 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Shareaza
2006-09-21 20:34 -------- d-------- C:\Program Files\7-Zip
2006-09-21 20:05 -------- d--h----- C:\Program Files\WindowsUpdate
2006-09-21 19:46 62 --ahs---- C:\Documents and Settings\Soufian\Application Data\desktop.ini
2006-09-21 19:46 -------- d-------- C:\Program Files\Fichiers communs\SpeechEngines
2006-09-21 19:46 -------- d-------- C:\Program Files\Fichiers communs\ODBC
2006-09-21 19:45 -------- d-------- C:\Program Files\ATI Technologies
2006-09-21 19:33 -------- d-------- C:\Documents and Settings\Soufian\Application Data\ATI
2006-09-21 19:24 -------- d-------- C:\Program Files\ASUS
2006-09-21 19:22 -------- d-------- C:\Program Files\My Company Name
2006-09-21 19:18 -------- d-------- C:\Program Files\Internet Explorer
2006-09-21 19:14 845968 --a------ C:\WINDOWS\system32\AI - Series.scr
2006-09-21 19:14 -------- d-------- C:\Program Files\Winbond Electronics Corp
2006-09-21 19:14 -------- d-------- C:\Program Files\AI - Series
2006-09-21 19:13 -------- d-------- C:\Program Files\Fichiers communs\Adobe
2006-09-21 19:12 -------- d-------- C:\Program Files\Adobe
2006-09-21 19:07 -------- d-------- C:\Program Files\NVIDIA Corporation
2006-09-21 19:07 -------- d-------- C:\Program Files\AMD
2006-09-21 19:06 -------- d-------- C:\Program Files\Realtek Sound Manager
2006-09-21 19:06 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-09-21 19:06 -------- d-------- C:\Program Files\AvRack
2006-09-21 19:00 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-21 19:00 -------- d-------- C:\Documents and Settings\Soufian\Application Data\Identities
2006-09-21 18:56 -------- d-------- C:\Program Files\xerox
2006-09-21 18:56 -------- d-------- C:\Program Files\microsoft frontpage
2006-09-21 18:55 -------- d-------- C:\Program Files\Services en ligne
2006-09-21 18:54 -------- d-------- C:\Program Files\Outlook Express
2006-09-21 18:54 -------- d-------- C:\Program Files\NetMeeting
2006-09-21 18:54 -------- d-------- C:\Program Files\Movie Maker
2006-09-21 18:54 -------- d-------- C:\Program Files\Fichiers communs\System
2006-09-21 18:54 -------- d-------- C:\Program Files\Fichiers communs\Services
2006-09-21 18:54 -------- d-------- C:\Program Files\Fichiers communs\MSSoap
2006-09-21 18:53 -------- d-------- C:\Program Files\MSN
2006-09-21 18:53 -------- d-------- C:\Program Files\Messenger
2006-09-21 18:53 -------- d-------- C:\Program Files\ComPlus Applications
2006-09-21 18:52 -------- d-------- C:\Program Files\Windows NT
2006-09-21 18:52 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"nTrayFw"="C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\bin\\nTrayFw.exe"
"SoundMan"="SOUNDMAN.EXE"
"AME_CSA"="rundll32 amecsa.cpl,RUN_DLL"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{68676EFE-9B30-4EBD-B842-7ED9B3460C53}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

Completion time: 06-10-18 13:50:22.60
C:\ComboFix.txt ... 06-10-18 13:50

Re,

Pas mal d'infections...

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer

Clique sur le bouton Scan for Vundo

Lorsque le scan est complété, clique sur le bouton Remove Vundo

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

VundoFix V6.2.6

Checking Java version...

Java version is 1.5.0.6

Scan started at 14:19:23 18/10/2006

Listing files found while scanning....

C:\WINDOWS\system32\aaqmclfb.dll
C:\WINDOWS\system32\awttutu.dll
C:\WINDOWS\system32\awtuust.dll
C:\WINDOWS\system32\bjtofaeh.dll
C:\WINDOWS\system32\ddcbayw.dll
C:\WINDOWS\system32\efccaab.dll
C:\WINDOWS\system32\euqhmhep.dll
C:\WINDOWS\system32\fccawtr.dll
C:\WINDOWS\system32\fkhpqmvn.dll
C:\WINDOWS\system32\gebbxyy.dll
C:\WINDOWS\system32\gebbyvu.dll
C:\WINDOWS\system32\hggghhf.dll
C:\WINDOWS\system32\jkklljh.dll
C:\WINDOWS\system32\khfdcdb.dll
C:\WINDOWS\system32\kjpegqdt.dll
C:\WINDOWS\system32\lgiptbci.dll
C:\WINDOWS\system32\nnixkuej.dll
C:\WINDOWS\system32\oibtvlvc.dll
C:\WINDOWS\system32\pfdmmanw.dll
C:\WINDOWS\system32\sswrbgnx.dll
C:\WINDOWS\system32\ukjcplxv.dll
C:\WINDOWS\system32\wvutspn.dll
C:\WINDOWS\system32\yumudxvi.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\aaqmclfb.dll
C:\WINDOWS\system32\aaqmclfb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awttutu.dll
C:\WINDOWS\system32\awttutu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awtuust.dll
C:\WINDOWS\system32\awtuust.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bjtofaeh.dll
C:\WINDOWS\system32\bjtofaeh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddcbayw.dll
C:\WINDOWS\system32\ddcbayw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efccaab.dll
C:\WINDOWS\system32\efccaab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\euqhmhep.dll
C:\WINDOWS\system32\euqhmhep.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fccawtr.dll
C:\WINDOWS\system32\fccawtr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fkhpqmvn.dll
C:\WINDOWS\system32\fkhpqmvn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebbxyy.dll
C:\WINDOWS\system32\gebbxyy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebbyvu.dll
C:\WINDOWS\system32\gebbyvu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggghhf.dll
C:\WINDOWS\system32\hggghhf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkklljh.dll
C:\WINDOWS\system32\jkklljh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\khfdcdb.dll
C:\WINDOWS\system32\khfdcdb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kjpegqdt.dll
C:\WINDOWS\system32\kjpegqdt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lgiptbci.dll
C:\WINDOWS\system32\lgiptbci.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnixkuej.dll
C:\WINDOWS\system32\nnixkuej.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oibtvlvc.dll
C:\WINDOWS\system32\oibtvlvc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pfdmmanw.dll
C:\WINDOWS\system32\pfdmmanw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sswrbgnx.dll
C:\WINDOWS\system32\sswrbgnx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ukjcplxv.dll
C:\WINDOWS\system32\ukjcplxv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvutspn.dll
C:\WINDOWS\system32\wvutspn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yumudxvi.exe
C:\WINDOWS\system32\yumudxvi.exe Has been deleted!

Performing Repairs to the registry.
Done!

Logfile of HijackThis v1.99.1
Scan saved at 14:27:06, on 18/10/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\win32logon.exe
C:\WINDOWS\system32\lsscs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\NotifyPhoneBook.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Soufian\Bureau\HijackThis.exe

O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {239531CD-64F9-4D67-A785-586B8E5DDCAA} - C:\WINDOWS\System32\jkhfe.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {68676EFE-9B30-4EBD-B842-7ED9B3460C53} - C:\WINDOWS\system32\fccddaa.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?3f7cdffe98c74a61a8e33682698132cb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?3f7cdffe98c74a61a8e33682698132cb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F538BFC7-2218-4DBA-AF8E-E56B397CB85A}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Win32 Login Service (Win32 Login) - Unknown owner - C:\WINDOWS\win32logon.exe
O23 - Service: Window Plugin Service - Unknown owner - C:\WINDOWS\system32\lsscs.exe

Jamais vu un rapport Vundofix aussi long ^^

C:\WINDOWS\win32logon.exe
C:\WINDOWS\system32\lsscs.exe
-> sure à 99.999999...% que se sont des infections
Mais il manque 0.000....1% donc on vérifie.



Va sur le site de VirusTotal
Clique sur Parcourir... puis ouvre:

C:\WINDOWS\win32logon.exe
C:\WINDOWS\system32\lsscs.exe

Clique ensuite sur Send
Poste le rapport en fin d'analyse.

Si tu vois ce message:
" Your file " ***.*** " is queued in position: ***. Estimated start time is between *** and *** minutes. "
Il te faudra patienter.

Complete scanning result of "win32logon.exe_", received in VirusTotal at 10.18.2006, 14:42:31 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 HEUR/Crypted
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.18.2006 no virus found
AVG 386 10.18.2006 no virus found
BitDefender 7.2 10.18.2006 DeepScan:Generic.Sdbot.9A4D0F66
CAT-QuickHeal 8.00 10.17.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.18.2006 no virus found
DrWeb 4.33 10.18.2006 no virus found
eTrust-InoculateIT 23.73.25 10.18.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.18.2006 suspicious
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 no virus found
Ikarus 0.2.65.0 10.18.2006 no virus found
Kaspersky 4.0.2.24 10.18.2006 Backdoor.Win32.SdBot.xd
McAfee 4875 10.17.2006 no virus found
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1809 10.18.2006 no virus found
Norman 5.80.02 10.18.2006 no virus found
Panda 9.0.0.4 10.17.2006 Suspicious file
Sophos 4.10.0 10.15.2006 Mal/Packer
TheHacker 6.0.1.100 10.18.2006 no virus found
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 no virus found
VirusBuster 4.3.7:9 10.17.2006 no virus found

Aditional Information
File size: 110592 bytes
MD5: b143e0343d9951ff44dd21733e58ab41
SHA1: a5e07e43384e2a26761e0d473c87c43eb36ed3d1
packers: Enigma

Complete scanning result of "lsscs.exe_", received in VirusTotal at 10.18.2006, 14:45:56 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 TR/Packed.CryptExe
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.18.2006 no virus found
AVG 386 10.18.2006 Win32/CryptExe
BitDefender 7.2 10.18.2006 GenPack:Generic.Sdbot.3169B48D
CAT-QuickHeal 8.00 10.17.2006 no virus found
ClamAV devel-20060426 10.18.2006 no virus found
DrWeb 4.33 10.18.2006 Win32.HLLW.MyBot
eTrust-InoculateIT 23.73.25 10.18.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.18.2006 suspicious
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 generic
Ikarus 0.2.65.0 10.18.2006 no virus found
Kaspersky 4.0.2.24 10.18.2006 Backdoor.Win32.SdBot.qv
McAfee 4875 10.17.2006 W32/Sdbot.worm.gen.ai
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1809 10.18.2006 a variant of IRC/SdBot
Norman 5.80.02 10.18.2006 W32/Malware.BSU
Panda 9.0.0.4 10.17.2006 W32/Sdbot.INK.worm
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.100 10.18.2006 no virus found
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 suspected of Backdoor.xBot.1 (paranoid heuristics)
VirusBuster 4.3.7:9 10.17.2006 Worm.SdBot.EEB

Aditional Information
File size: 76288 bytes
MD5: b1c72073adf99808face0fd83e34b421
SHA1: cf633f59e52b7fac85ec2a35f74d481a0ffa9183
packers: EXECryptor

J'avais raison...youpi !

----------
-> Démarrer
-> Exécuter...
Tape Services.msc puis valide
Double clique sur " Win32 Login Service "
Type de démarrage : " Désactiver "
Clique en bas sur " Arrêter "
Valide les changements.
Fais pareil avec :
Window Plugin Service
-----
Ouvre Hijackthis puis:
-> Open the Misc Tools Section
-> Delete an NT Service
Tape " Win32 Login " puis valide.
Fais pareil avec :
Window Plugin Service
----------

Télécharge puis installe AVG Anti-Spyware (AVG AS)
Une fois AVG AS lancé, clique sur "Mise à jour"
Ferme le programme.

Redémarre en mode sans échec

Supprime :
C:\WINDOWS\win32logon.exe
C:\WINDOWS\system32\lsscs.exe

Relance AVG AS puis choisis l'onglet "Analyse"
Puis l'onglet "Paramètres"
Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

/!\ Si un fichier est infecté en fin d'analyse /!\
Clique sur "Appliquer toutes les actions "

Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.

Redémarre normalement
Copie/Colle le rapport ici.

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:27:31 18/10/2006

+ Résultat de l'analyse:



C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0046686.exe -> Adware.Look2Me : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0047689.exe -> Adware.Look2Me : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0048687.exe -> Adware.Look2Me : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0022488.dll -> Adware.Searchcolours : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0022495.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0034475.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP36\A0041504.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041662.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0042660.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044724.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044730.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044737.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044747.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044754.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045779.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045790.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045792.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045805.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045810.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045814.dll -> Adware.Softomate : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0033456.exe -> Backdoor.SdBot.axn : Nettoyé.
C:\WINDOWS\system32\eraseme_48585.exe -> Backdoor.SdBot.xd : Nettoyé.
C:\WINDOWS\win32bootconfig.exe -> Backdoor.SdBot.xd : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044697.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044713.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044721.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044735.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044742.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044752.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045680.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045690.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045716.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045722.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045728.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045745.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045784.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045786.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045787.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045797.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045799.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045800.exe -> Downloader.Adload.fk : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0022465.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0033465.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0033472.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0034461.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0039479.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP36\A0041479.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041605.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041613.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041681.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041691.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0042675.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0042679.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0043673.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0043674.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044672.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044673.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045673.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045677.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0046679.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0046684.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0046701.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0046702.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0046722.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0047674.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0047678.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0047687.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0047692.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0048681.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0048685.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0048691.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP39\A0049685.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP39\A0049705.exe -> Downloader.Adload.fu : Nettoyé.
C:\WINDOWS\dov9.exe -> Downloader.Adload.fu : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0033469.exe -> Downloader.Adload.gj : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0034462.exe -> Downloader.Adload.gj : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0039482.exe -> Downloader.Adload.gp : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0039481.exe -> Downloader.Adload.gq : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0039480.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP36\A0041484.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041610.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041636.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0041690.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0042680.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0042686.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0042688.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0043677.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044674.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044683.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044692.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044696.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044709.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044710.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044717.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044720.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044728.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044734.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044741.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0044751.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045678.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045689.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045697.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045707.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045710.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045715.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045723.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045727.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045732.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045739.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045744.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045778.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045785.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045798.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045803.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045809.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0045813.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP38\A0046678.exe -> Downloader.Adload.gt : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0033466.exe -> Downloader.Agent.azc : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP35\A0034447.exe -> Downloader.Agent.azc : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049828.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049831.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049833.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049839.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049840.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049841.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049843.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049844.dll -> Logger.VBStat.e : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049845.dll -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\bjtofaeh.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\euqhmhep.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\fkhpqmvn.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\kjpegqdt.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\lgiptbci.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\nnixkuej.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\pfdmmanw.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\sswrbgnx.dll.bad -> Logger.VBStat.e : Nettoyé.
C:\VundoFix Backups\ukjcplxv.dll.bad -> Logger.VBStat.e : Nettoyé.
:mozilla.114:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.36:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.17:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.21:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.30:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\7 - Dimanche\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.62:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.9:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\6 - Samedi\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.64:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.134:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.135:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.95:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.96:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.19:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\3 - Mercredi\cookies.txt -> TrackingCookie.Pstats : Nettoyé.
:mozilla.22:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\cookies.txt -> TrackingCookie.Pstats : Nettoyé.
:mozilla.102:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.103:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.104:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.105:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.106:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.107:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.108:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.109:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.110:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.111:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.164:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.165:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.166:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.167:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.168:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.169:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.170:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.171:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.172:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.173:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.195:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.196:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.197:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.66:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.67:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.68:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.29:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.36:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.37:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.38:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.84:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.85:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.86:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.46:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\5 - Vendredi\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.79:C:\Documents and Settings\Soufian\Application Data\Mozilla\Firefox\Profiles\0cef1vfl.default\Backups\4 - Jeudi\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\System Volume Information\_restore{10207D88-E139-4941-8BC8-503B69A8F7A6}\RP41\A0049842.dll -> Trojan.BHO.g : Nettoyé.
C:\VundoFix Backups\oibtvlvc.dll.bad -> Trojan.BHO.g : Nettoyé.


Fin du rapport

Re,

Reposte un rapport Hijackthis stp.

Logfile of HijackThis v1.99.1
Scan saved at 15:39:48, on 18/10/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\NotifyPhoneBook.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Soufian\Bureau\HijackThis.exe

O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {239531CD-64F9-4D67-A785-586B8E5DDCAA} - C:\WINDOWS\System32\jkhfe.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {68676EFE-9B30-4EBD-B842-7ED9B3460C53} - C:\WINDOWS\system32\fccddaa.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?3f7cdffe98c74a61a8e33682698132cb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?3f7cdffe98c74a61a8e33682698132cb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F538BFC7-2218-4DBA-AF8E-E56B397CB85A}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Win32 Login Service (Win32 Login) - Unknown owner - C:\WINDOWS\win32logon.exe (file missing)

Re,

- Télécharge Clean.zip (de Malekal),
décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

Redémarre en mode sans échec

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {239531CD-64F9-4D67-A785-586B8E5DDCAA} - C:\WINDOWS\System32\jkhfe.dll (file missing)
O2 - BHO: (no name) - {68676EFE-9B30-4EBD-B842-7ED9B3460C53} - C:\WINDOWS\system32\fccddaa.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O23 - Service: Win32 Login Service (Win32 Login) - Unknown owner - C:\WINDOWS\win32logon.exe (file missing)

Clique sur Fix checked (en bas à gauche)

- Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

Redémarre normalement

- Le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt

- Mets à jour Windows avec Ie

Script clean par Malekal_morte - http://www.malekal.com

Microsoft Windows XP [version 5.1.2600]
Script execute en mode sans echec

*** Suppression de fichiers sur C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\i FOUND


*** Suppression des clefs du registre effectuee..

Re,

As tu fait les mises à jour ?
Reposte un rapport Hijackthis.

oui les mises a jour ont ete faite

Logfile of HijackThis v1.99.1
Scan saved at 16:43:15, on 19/10/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Soufian\Bureau\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?3f7cdffe98c74a61a8e33682698132cb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?3f7cdffe98c74a61a8e33682698132cb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O17 - HKLM\System\CCS\Services\Tcpip\..\{F538BFC7-2218-4DBA-AF8E-E56B397CB85A}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Win32 Login Service (Win32 Login) - Unknown owner - C:\WINDOWS\win32logon.exe (file missing)

Re,

Ouvre Hijackthis puis:
-> Open the Misc Tools Section
-> Delete an NT Service
Tape " Win32 Login " puis valide.

D'autres problemes ?

Non aucun pour l ainstant si ce n est une petite question quelle anti virus me conseille tu parce que avast a ete nul sur ce coup =S
Encore un grand merci et un grand bravo  

Re,

En gratuit-> Antivir
En payant-> Kaspersky/Nod32

Dénonce ton infection (Vundo) pour faire condamner les auteurs, ça serait sympa.
Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être le plus nombreux possibles, alors rends compte de ton infection.
AIDE : Comment rapporter son infection sur Malware-Complaints ?

Consulte cette page pour éviter que ces problèmes ne réapparaissent pas.