
Helppppp ! ! ! C:\WINDOWS\retadpu1000627.exe\[UPX


I have avast as my antivirus, but I can't find the file mentioned and can't take any action against it...

On top of that, the virus apparently spreads by itself to our MSN contacts....


Here is my HijackThis report:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\ATI-CPanel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmgr.exe
C:\Program Files\QuickZip\QuickZip.exe
C:\DOCUME~1\Yas\LOCALS~1\Temp\QZTEMP\hijackthis.exe
C:\Documents and Settings\Yas\services.exe
C:\Documents and Settings\Yas\mon.exe
C:\DOCUME~1\Yas\LOCALS~1\Temp\nsm17.tmp\ns19.tmp
C:\DOCUME~1\Yas\LOCALS~1\Temp\second.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.7sur7.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.ca...
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC75BB6A-5412-4FF6-B1CC-8B0EF667C79F}: NameServer = 212.68.193.110
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe


How about a hello?

Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to run it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt telling you that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply
    Note: VundoFix may come across a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".

    undoFix V6.5.1

    Checking Java version...

    Java version is 1.5.0.6
    Old versions of java are exploitable and should be removed.

    Scan started at 14:20:29 23/06/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\qrqss.bak1
    C:\WINDOWS\system32\qrqss.ini
    C:\WINDOWS\system32\ssqrq.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\qrqss.bak1
    C:\WINDOWS\system32\qrqss.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qrqss.ini
    C:\WINDOWS\system32\qrqss.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ssqrq.dll
    C:\WINDOWS\system32\ssqrq.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Logfile of HijackThis v1.99.1
    Scan saved at 14:32:15, on 23/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MSNMES~1\msnmsgr.exe
    C:\Documents and Settings\Yas\services.exe
    C:\Program Files\MSN Messenger\msnmgr.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\QuickZip\QuickZip.exe
    C:\DOCUME~1\Yas\LOCALS~1\Temp\QZTEMP\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.7sur7.be/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: (no name) - {D681F814-A3C3-4379-B4A1-2730F64272BA} - C:\WINDOWS\system32\ssqrq.dll (file missing)
    O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\cbxwttu.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
    O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.ca...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FC75BB6A-5412-4FF6-B1CC-8B0EF667C79F}: NameServer = 212.68.193.110
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: cbxwttu - C:\WINDOWS\SYSTEM32\cbxwttu.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

    Re,

    Please go here to upload a suspicious file for analysis.
  • "Your Username:" - Enter your username on this forum
  • "Topic Where File Was Requested:" - Copy and paste the link to this thread
  • "File(s) To Submit:" - Use the "Browse..." button to navigate to this file name: C:\WINDOWS\SYSTEM32\cbxwttu.dll
  • "Comments Or Further Info:" - Please mention that I asked you to upload this file
  • Click Send File

    &

  • Download combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt

    There you go


    ComboFix 07-06-21.3 - C:\Documents and Settings\Yas\Mes documents\Mes fichiers reçus\ComboFix.exe
    "Yas" - 2007-06-23 14:45:00 - Service Pack 2 NTFS


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\Program Files\internet optimizer
    C:\WINDOWS\system32\icons
    C:\WINDOWS\system32\icons\ben.ico
    C:\WINDOWS\system32\icons\ben2.ico
    C:\WINDOWS\system32\icons\ben3.ico
    C:\WINDOWS\system32\icons\ben4.ico
    C:\WINDOWS\system32\icons\ben5.ico
    C:\WINDOWS\system32\msxml3a.dll


    ((((((((((((((((((((((((( Files Created from 2007-05-23 to 2007-06-23 )))))))))))))))))))))))))))))))


    2007-06-23 14:46 31,254 --a------ C:\WINDOWS\system32\rqrrqon.dll
    2007-06-23 14:43 31,254 --a------ C:\WINDOWS\system32\yayxuro.dll
    2007-06-23 14:39 31,254 --a------ C:\WINDOWS\system32\awtssqr.dll
    2007-06-23 14:38 49,152 --a------ C:\WINDOWS\nircmd.exe
    2007-06-23 14:36 31,254 --a------ C:\WINDOWS\system32\hggfgda.dll
    2007-06-23 14:33 31,254 --a------ C:\WINDOWS\system32\ljjghgg.dll
    2007-06-23 14:29 31,254 --a------ C:\WINDOWS\system32\efcbyxu.dll
    2007-06-23 14:24 31,254 --a------ C:\WINDOWS\system32\wvurqrq.dll
    2007-06-23 14:22 31,254 --a------ C:\WINDOWS\system32\efccyvs.dll
    2007-06-23 14:20 31,254 --a------ C:\WINDOWS\system32\xxyxxya.dll
    2007-06-23 14:20 <REP> d-------- C:\VundoFix Backups
    2007-06-23 14:19 31,254 --a------ C:\WINDOWS\system32\wvuuuuv.dll
    2007-06-23 14:17 31,254 --a------ C:\WINDOWS\system32\tuvurqp.dll
    2007-06-23 14:15 31,254 --a------ C:\WINDOWS\system32\ssqqopm.dll
    2007-06-23 14:13 31,254 --a------ C:\WINDOWS\system32\ddccday.dll
    2007-06-23 14:12 31,254 --a------ C:\WINDOWS\system32\wvuvuus.dll
    2007-06-23 14:10 71,906 --a------ C:\WINDOWS\system32\mon.exe
    2007-06-23 14:10 31,254 --a------ C:\WINDOWS\system32\hgggefe.dll
    2007-06-23 14:09 31,254 --a------ C:\WINDOWS\system32\mljgdcd.dll
    2007-06-23 13:59 31,254 --a------ C:\WINDOWS\system32\ssqpnkh.dll
    2007-06-23 13:56 31,254 --a------ C:\WINDOWS\system32\cbxwvwx.dll
    2007-06-23 13:51 31,254 --a------ C:\WINDOWS\system32\iifgddd.dll
    2007-06-23 13:48 31,254 --a------ C:\WINDOWS\system32\rqrqpnm.dll
    2007-06-23 13:44 31,254 --a------ C:\WINDOWS\system32\fccbcaa.dll
    2007-06-23 13:41 31,254 --a------ C:\WINDOWS\system32\rqrpnkl.dll
    2007-06-23 13:38 31,254 --a------ C:\WINDOWS\system32\yayvwus.dll
    2007-06-23 13:34 31,254 --a------ C:\WINDOWS\system32\ddcdcya.dll
    2007-06-23 13:31 31,254 --a------ C:\WINDOWS\system32\iifffge.dll
    2007-06-23 13:28 31,254 --a------ C:\WINDOWS\system32\vtuursq.dll
    2007-06-23 13:27 71,906 --a------ C:\DOCUME~1\Yas\mon.exe
    2007-06-23 13:27 240,022 --a------ C:\DOCUME~1\Yas\services.exe
    2007-06-23 11:48 31,254 --a------ C:\WINDOWS\system32\tuvvtsr.dll
    2007-06-23 11:43 31,254 --a------ C:\WINDOWS\system32\qomkklm.dll
    2007-06-23 11:38 31,254 --a------ C:\WINDOWS\system32\fccbaxx.dll
    2007-06-23 11:33 31,254 --a------ C:\WINDOWS\system32\pmnmklk.dll
    2007-06-23 11:28 31,254 --a------ C:\WINDOWS\system32\wvuutqo.dll
    2007-06-23 11:23 31,254 --a------ C:\WINDOWS\system32\opnmjki.dll
    2007-06-23 11:18 31,254 --a------ C:\WINDOWS\system32\xxywxur.dll
    2007-06-23 11:13 31,254 --a------ C:\WINDOWS\system32\tuvvurp.dll
    2007-06-23 11:08 31,254 --a------ C:\WINDOWS\system32\awtrsqp.dll
    2007-06-23 11:03 31,254 --a------ C:\WINDOWS\system32\ddccdef.dll
    2007-06-23 10:58 31,254 --a------ C:\WINDOWS\system32\ssqpqpp.dll
    2007-06-23 10:53 31,254 --a------ C:\WINDOWS\system32\cbxwttu.dll
    2007-06-19 18:11 <REP> d-------- C:\Program Files\The Creative Assembly
    2007-06-11 22:23 <REP> d-------- C:\Program Files\Dynasty
    2007-06-11 22:22 <REP> d-------- C:\Program Files\DDD Pool
    2007-06-08 17:06 <REP> d-------- C:\Program Files\Windows Live
    2007-06-07 21:27 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
    2007-06-07 21:27 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
    2007-05-26 13:35 <REP> d-------- C:\DOCUME~1\Yas\Saved Games
    2007-05-26 13:34 <REP> d-------- C:\DOCUME~1\Yas\APPLIC~1\iWin


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-06-23 08:53:41 -------- d-----w C:\Program Files\MSN Messenger
    2007-06-22 11:28:43 -------- d-----w C:\Program Files\eMule
    2007-06-19 17:21:19 3,688 ----a-w C:\WINDOWS\system32\d3d9caps.dat
    2007-06-19 16:18:37 -------- d-----w C:\Program Files\GameSpy Arcade
    2007-06-19 16:11:08 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-06-15 11:41:43 16 ----a-w C:\WINDOWS\popcinfo.dat
    2007-06-11 20:24:20 -------- d-----w C:\DOCUME~1\Yas\APPLIC~1\U3
    2007-06-11 06:33:29 -------- d-----w C:\Program Files\Jewel Quest 2
    2007-06-08 15:06:08 -------- d-----w C:\Program Files\Messenger Plus! Live
    2007-06-05 15:51:59 32,496 -c--a-w C:\DOCUME~1\Yas\APPLIC~1\GDIPFONTCACHEV1.DAT
    2007-05-22 20:18:22 -------- d-----w C:\Program Files\Luxor
    2007-05-22 17:02:23 -------- d-----w C:\Program Files\Hotel Solitaire
    2007-05-21 20:10:24 -------- d-----w C:\Program Files\Bejeweled 2 Deluxe
    2007-05-21 20:02:17 -------- d-----w C:\Program Files\ReflexiveArcade
    2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-03-29 19:01:24 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-03-27 18:42:56 63,614 ----a-w C:\WINDOWS\system32\perfc00C.dat
    2007-03-27 18:42:56 445,016 ----a-w C:\WINDOWS\system32\perfh00C.dat
    2007-03-27 16:27:38 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2005-07-23 19:56:10 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 16:39]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 14:22]
    {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-20 00:56]
    {D681F814-A3C3-4379-B4A1-2730F64272BA}=C:\WINDOWS\system32\ssqrq.dll []
    {DC192567-65F9-4AB6-ADB7-E13575F81726}=C:\WINDOWS\system32\cbxwttu.dll [2007-06-23 10:53]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-12-29 19:41]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 18:24 C:\WINDOWS\system32\Ati2mdxx.exe]
    "ATIPTA"="C:\ATI-CPanel\atiptaxx.exe" [2003-11-13 22:10]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-05 12:50]
    "brutelecd"="" []
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 14:03]
    "MPTBox"="C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe" [2002-08-08 08:52]
    "SoundMan"="SOUNDMAN.EXE" [2003-08-05 15:59 C:\WINDOWS\SOUNDMAN.EXE]
    "Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 19:36]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-11-24 16:38]
    "RssReader"="C:\Program Files\RssReader\RssReader.exe" []
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-10-24 16:53]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-02-03 18:31]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-02-23 15:31]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{DC192567-65F9-4AB6-ADB7-E13575F81726}"="C:\WINDOWS\system32\cbxwttu.dll" [2007-06-23 10:53]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxwttu]
    cbxwttu.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages msv1_0 nwprovau
    Notification Packages :\WINDOWS\syste


    Contents of the 'Scheduled Tasks' folder
    2007-06-23 12:26:53 C:\WINDOWS\tasks\Ad-Aware SE Personal.job
    2007-06-23 09:09:00 C:\WINDOWS\tasks\BitDefender 8 Professional.job
    2007-06-22 19:12:00 C:\WINDOWS\tasks\Défragmenteur de disque.job
    2007-06-23 12:26:52 C:\WINDOWS\tasks\Nettoyage de disque.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-06-23 14:48:42
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-06-23 14:50:13
    C:\ComboFix-quarantined-files.txt ... 2007-06-23 14:49

    --- E O F ---

    Logfile of HijackThis v1.99.1
    Scan saved at 14:54:15, on 23/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MSNMES~1\msnmsgr.exe
    C:\Program Files\MSN Messenger\msnmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Yas\services.exe
    C:\Program Files\QuickZip\QuickZip.exe
    C:\DOCUME~1\Yas\LOCALS~1\Temp\QZTEMP\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.7sur7.be/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: (no name) - {D681F814-A3C3-4379-B4A1-2730F64272BA} - C:\WINDOWS\system32\ssqrq.dll (file missing)
    O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\cbxwttu.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FC75BB6A-5412-4FF6-B1CC-8B0EF667C79F}: NameServer = 212.68.193.110
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: cbxwttu - C:\WINDOWS\SYSTEM32\cbxwttu.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

    New COMBOFIX after the actual upload request

    ComboFix 07-06-21.3 - C:\Documents and Settings\Yas\Mes documents\Mes fichiers re‡us\ComboFix.exe
    "Yas" - 2007-06-23 15:13:16 - Service Pack 2 NTFS


    ((((((((((((((((((((((((( Files Created from 2007-05-23 to 2007-06-23 )))))))))))))))))))))))))))))))


    2007-06-23 15:16 31,254 --a------ C:\WINDOWS\system32\mljghfd.dll
    2007-06-23 15:13 31,254 --a------ C:\WINDOWS\system32\wvuspmn.dll
    2007-06-23 15:09 31,254 --a------ C:\WINDOWS\system32\ddcdabc.dll
    2007-06-23 15:06 31,254 --a------ C:\WINDOWS\system32\tuvuron.dll
    2007-06-23 15:03 31,254 --a------ C:\WINDOWS\system32\mljgfge.dll
    2007-06-23 14:59 31,254 --a------ C:\WINDOWS\system32\tuvwtrs.dll
    2007-06-23 14:56 31,254 --a------ C:\WINDOWS\system32\wvuromm.dll
    2007-06-23 14:53 31,254 --a------ C:\WINDOWS\system32\byxwvvv.dll
    2007-06-23 14:49 31,254 --a------ C:\WINDOWS\system32\urqolji.dll
    2007-06-23 14:46 31,254 --a------ C:\WINDOWS\system32\rqrrqon.dll
    2007-06-23 14:43 31,254 --a------ C:\WINDOWS\system32\yayxuro.dll
    2007-06-23 14:39 31,254 --a------ C:\WINDOWS\system32\awtssqr.dll
    2007-06-23 14:38 49,152 --a------ C:\WINDOWS\nircmd.exe
    2007-06-23 14:36 31,254 --a------ C:\WINDOWS\system32\hggfgda.dll
    2007-06-23 14:33 31,254 --a------ C:\WINDOWS\system32\ljjghgg.dll
    2007-06-23 14:29 31,254 --a------ C:\WINDOWS\system32\efcbyxu.dll
    2007-06-23 14:24 31,254 --a------ C:\WINDOWS\system32\wvurqrq.dll
    2007-06-23 14:22 31,254 --a------ C:\WINDOWS\system32\efccyvs.dll
    2007-06-23 14:20 31,254 --a------ C:\WINDOWS\system32\xxyxxya.dll
    2007-06-23 14:20 <REP> d-------- C:\VundoFix Backups
    2007-06-23 14:19 31,254 --a------ C:\WINDOWS\system32\wvuuuuv.dll
    2007-06-23 14:17 31,254 --a------ C:\WINDOWS\system32\tuvurqp.dll
    2007-06-23 14:15 31,254 --a------ C:\WINDOWS\system32\ssqqopm.dll
    2007-06-23 14:13 31,254 --a------ C:\WINDOWS\system32\ddccday.dll
    2007-06-23 14:12 31,254 --a------ C:\WINDOWS\system32\wvuvuus.dll
    2007-06-23 14:10 71,906 --a------ C:\WINDOWS\system32\mon.exe
    2007-06-23 14:10 31,254 --a------ C:\WINDOWS\system32\hgggefe.dll
    2007-06-23 14:09 31,254 --a------ C:\WINDOWS\system32\mljgdcd.dll
    2007-06-23 13:59 31,254 --a------ C:\WINDOWS\system32\ssqpnkh.dll
    2007-06-23 13:56 31,254 --a------ C:\WINDOWS\system32\cbxwvwx.dll
    2007-06-23 13:51 31,254 --a------ C:\WINDOWS\system32\iifgddd.dll
    2007-06-23 13:48 31,254 --a------ C:\WINDOWS\system32\rqrqpnm.dll
    2007-06-23 13:44 31,254 --a------ C:\WINDOWS\system32\fccbcaa.dll
    2007-06-23 13:41 31,254 --a------ C:\WINDOWS\system32\rqrpnkl.dll
    2007-06-23 13:38 31,254 --a------ C:\WINDOWS\system32\yayvwus.dll
    2007-06-23 13:34 31,254 --a------ C:\WINDOWS\system32\ddcdcya.dll
    2007-06-23 13:31 31,254 --a------ C:\WINDOWS\system32\iifffge.dll
    2007-06-23 13:28 31,254 --a------ C:\WINDOWS\system32\vtuursq.dll
    2007-06-23 13:27 71,906 --a------ C:\DOCUME~1\Yas\mon.exe
    2007-06-23 13:27 240,022 --a------ C:\DOCUME~1\Yas\services.exe
    2007-06-23 11:48 31,254 --a------ C:\WINDOWS\system32\tuvvtsr.dll
    2007-06-23 11:43 31,254 --a------ C:\WINDOWS\system32\qomkklm.dll
    2007-06-23 11:38 31,254 --a------ C:\WINDOWS\system32\fccbaxx.dll
    2007-06-23 11:33 31,254 --a------ C:\WINDOWS\system32\pmnmklk.dll
    2007-06-23 11:28 31,254 --a------ C:\WINDOWS\system32\wvuutqo.dll
    2007-06-23 11:23 31,254 --a------ C:\WINDOWS\system32\opnmjki.dll
    2007-06-23 11:18 31,254 --a------ C:\WINDOWS\system32\xxywxur.dll
    2007-06-23 11:13 31,254 --a------ C:\WINDOWS\system32\tuvvurp.dll
    2007-06-23 11:08 31,254 --a------ C:\WINDOWS\system32\awtrsqp.dll
    2007-06-23 11:03 31,254 --a------ C:\WINDOWS\system32\ddccdef.dll
    2007-06-23 10:58 31,254 --a------ C:\WINDOWS\system32\ssqpqpp.dll
    2007-06-23 10:53 31,254 --a------ C:\WINDOWS\system32\cbxwttu.dll
    2007-06-19 18:11 <REP> d-------- C:\Program Files\The Creative Assembly
    2007-06-11 22:23 <REP> d-------- C:\Program Files\Dynasty
    2007-06-11 22:22 <REP> d-------- C:\Program Files\DDD Pool
    2007-06-08 17:06 <REP> d-------- C:\Program Files\Windows Live
    2007-06-07 21:27 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
    2007-06-07 21:27 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
    2007-05-26 13:35 <REP> d-------- C:\DOCUME~1\Yas\Saved Games
    2007-05-26 13:34 <REP> d-------- C:\DOCUME~1\Yas\APPLIC~1\iWin


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-06-23 08:53:41 -------- d-----w C:\Program Files\MSN Messenger
    2007-06-22 11:28:43 -------- d-----w C:\Program Files\eMule
    2007-06-19 17:21:19 3,688 ----a-w C:\WINDOWS\system32\d3d9caps.dat
    2007-06-19 16:18:37 -------- d-----w C:\Program Files\GameSpy Arcade
    2007-06-19 16:11:08 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-06-15 11:41:43 16 ----a-w C:\WINDOWS\popcinfo.dat
    2007-06-11 20:24:20 -------- d-----w C:\DOCUME~1\Yas\APPLIC~1\U3
    2007-06-11 06:33:29 -------- d-----w C:\Program Files\Jewel Quest 2
    2007-06-08 15:06:08 -------- d-----w C:\Program Files\Messenger Plus! Live
    2007-06-05 15:51:59 32,496 -c--a-w C:\DOCUME~1\Yas\APPLIC~1\GDIPFONTCACHEV1.DAT
    2007-05-22 20:18:22 -------- d-----w C:\Program Files\Luxor
    2007-05-22 17:02:23 -------- d-----w C:\Program Files\Hotel Solitaire
    2007-05-21 20:10:24 -------- d-----w C:\Program Files\Bejeweled 2 Deluxe
    2007-05-21 20:02:17 -------- d-----w C:\Program Files\ReflexiveArcade
    2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-03-29 19:01:24 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-03-27 18:42:56 63,614 ----a-w C:\WINDOWS\system32\perfc00C.dat
    2007-03-27 18:42:56 445,016 ----a-w C:\WINDOWS\system32\perfh00C.dat
    2007-03-27 16:27:38 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2005-07-23 19:56:10 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 16:39]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 14:22]
    {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-20 00:56]
    {D681F814-A3C3-4379-B4A1-2730F64272BA}=C:\WINDOWS\system32\ssqrq.dll []
    {DC192567-65F9-4AB6-ADB7-E13575F81726}=C:\WINDOWS\system32\cbxwttu.dll [2007-06-23 10:53]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-12-29 19:41]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 18:24 C:\WINDOWS\system32\Ati2mdxx.exe]
    "ATIPTA"="C:\ATI-CPanel\atiptaxx.exe" [2003-11-13 22:10]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-05 12:50]
    "brutelecd"="" []
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 14:03]
    "MPTBox"="C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe" [2002-08-08 08:52]
    "SoundMan"="SOUNDMAN.EXE" [2003-08-05 15:59 C:\WINDOWS\SOUNDMAN.EXE]
    "Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 19:36]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-11-24 16:38]
    "RssReader"="C:\Program Files\RssReader\RssReader.exe" []
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-10-24 16:53]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-02-03 18:31]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-02-23 15:31]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{DC192567-65F9-4AB6-ADB7-E13575F81726}"="C:\WINDOWS\system32\cbxwttu.dll" [2007-06-23 10:53]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxwttu]
    cbxwttu.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages msv1_0 nwprovau
    Notification Packages :\WINDOWS\syste


    Contents of the 'Scheduled Tasks' folder
    2007-06-23 12:26:53 C:\WINDOWS\tasks\Ad-Aware SE Personal.job
    2007-06-23 09:09:00 C:\WINDOWS\tasks\BitDefender 8 Professional.job
    2007-06-22 19:12:00 C:\WINDOWS\tasks\Défragmenteur de disque.job
    2007-06-23 12:26:52 C:\WINDOWS\tasks\Nettoyage de disque.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-06-23 15:17:59
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-06-23 15:20:04
    C:\ComboFix-quarantined-files.txt ... 2007-06-23 15:19
    C:\ComboFix2.txt ... 2007-06-23 14:50

    --- E O F ---

    Hi again,

    Copy (Ctrl+C) the text in the box below:

    File::
    C:\WINDOWS\system32\rqrrqon.dll
    C:\WINDOWS\system32\yayxuro.dll
    C:\WINDOWS\system32\awtssqr.dll
    C:\WINDOWS\system32\hggfgda.dll
    C:\WINDOWS\system32\ljjghgg.dll
    C:\WINDOWS\system32\efcbyxu.dll
    C:\WINDOWS\system32\wvurqrq.dll
    C:\WINDOWS\system32\efccyvs.dll
    C:\WINDOWS\system32\xxyxxya.dll
    C:\WINDOWS\system32\wvuuuuv.dll
    C:\WINDOWS\system32\tuvurqp.dll
    C:\WINDOWS\system32\ssqqopm.dll
    C:\WINDOWS\system32\ddccday.dll
    C:\WINDOWS\system32\wvuvuus.dll
    C:\WINDOWS\system32\mon.exe
    C:\WINDOWS\system32\hgggefe.dll
    C:\WINDOWS\system32\mljgdcd.dll
    C:\WINDOWS\system32\ssqpnkh.dll
    C:\WINDOWS\system32\cbxwvwx.dll
    C:\WINDOWS\system32\iifgddd.dll
    C:\WINDOWS\system32\rqrqpnm.dll
    C:\WINDOWS\system32\fccbcaa.dll
    C:\WINDOWS\system32\rqrpnkl.dll
    C:\WINDOWS\system32\yayvwus.dll
    C:\WINDOWS\system32\ddcdcya.dll
    C:\WINDOWS\system32\iifffge.dll
    C:\WINDOWS\system32\vtuursq.dll
    C:\Documents and Settings\Yas\mon.exe
    C:\Documents and Settings\Yas\services.exe
    C:\WINDOWS\system32\tuvvtsr.dll
    C:\WINDOWS\system32\qomkklm.dll
    C:\WINDOWS\system32\fccbaxx.dll
    C:\WINDOWS\system32\pmnmklk.dll
    C:\WINDOWS\system32\wvuutqo.dll
    C:\WINDOWS\system32\opnmjki.dll
    C:\WINDOWS\system32\xxywxur.dll
    C:\WINDOWS\system32\tuvvurp.dll
    C:\WINDOWS\system32\awtrsqp.dll
    C:\WINDOWS\system32\ddccdef.dll
    C:\WINDOWS\system32\ssqpqpp.dll
    C:\WINDOWS\system32\cbxwttu.dll

    Folder::
    C:\VundoFix Backups

    Registry::
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D681F814-A3C3-4379-B4A1-2730F64272BA}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC192567-65F9-4AB6-ADB7-E13575F81726}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxwttu]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{DC192567-65F9-4AB6-ADB7-E13575F81726}"=-


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name ComboFix-Do.txt

    Now drag the ComboFix-Do.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.

    ComboFix 07-06-21.3 - C:\Documents and Settings\Yas\Bureau\ComboFix.exe
    "Yas" - 2007-06-23 17:38:13 - Service Pack 2 NTFS
    Command switches used :: C:\Documents and Settings\Yas\ComboFix-Do.txt


    (((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\ddccd.dll
    C:\WINDOWS\system32\dccdd.bak1
    C:\WINDOWS\system32\dccdd.ini


    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\Documents and Settings\Yas\mon.exe
    C:\Documents and Settings\Yas\services.exe
    C:\VundoFix Backups
    C:\VundoFix Backups\addmorefiles.txt
    C:\VundoFix Backups\qrqss.bak1.bad
    C:\VundoFix Backups\qrqss.ini.bad
    C:\VundoFix Backups\ssqrq.dll.bad
    C:\WINDOWS\system32\awtrsqp.dll
    C:\WINDOWS\system32\awtssqr.dll
    C:\WINDOWS\system32\cbxwttu.dll
    C:\WINDOWS\system32\cbxwvwx.dll
    C:\WINDOWS\system32\ddccday.dll
    C:\WINDOWS\system32\ddccdef.dll
    C:\WINDOWS\system32\ddcdcya.dll
    C:\WINDOWS\system32\efcbyxu.dll
    C:\WINDOWS\system32\efccyvs.dll
    C:\WINDOWS\system32\fccbaxx.dll
    C:\WINDOWS\system32\fccbcaa.dll
    C:\WINDOWS\system32\hggfgda.dll
    C:\WINDOWS\system32\hgggefe.dll
    C:\WINDOWS\system32\iifffge.dll
    C:\WINDOWS\system32\iifgddd.dll
    C:\WINDOWS\system32\ljjghgg.dll
    C:\WINDOWS\system32\mljgdcd.dll
    C:\WINDOWS\system32\mon.exe
    C:\WINDOWS\system32\opnmjki.dll
    C:\WINDOWS\system32\pmnmklk.dll
    C:\WINDOWS\system32\qomkklm.dll
    C:\WINDOWS\system32\rqrpnkl.dll
    C:\WINDOWS\system32\rqrqpnm.dll
    C:\WINDOWS\system32\rqrrqon.dll
    C:\WINDOWS\system32\ssqpnkh.dll
    C:\WINDOWS\system32\ssqpqpp.dll
    C:\WINDOWS\system32\ssqqopm.dll
    C:\WINDOWS\system32\tuvurqp.dll
    C:\WINDOWS\system32\tuvvtsr.dll
    C:\WINDOWS\system32\tuvvurp.dll
    C:\WINDOWS\system32\vtuursq.dll
    C:\WINDOWS\system32\wvurqrq.dll
    C:\WINDOWS\system32\wvuutqo.dll
    C:\WINDOWS\system32\wvuuuuv.dll
    C:\WINDOWS\system32\wvuvuus.dll
    C:\WINDOWS\system32\xxywxur.dll
    C:\WINDOWS\system32\xxyxxya.dll
    C:\WINDOWS\system32\yayvwus.dll
    C:\WINDOWS\system32\yayxuro.dll


    ((((((((((((((((((((((((( Files Created from 2007-05-23 to 2007-06-23 )))))))))))))))))))))))))))))))


    2007-06-23 15:26 31,254 --a------ C:\WINDOWS\system32\byxxvts.dll
    2007-06-23 15:23 31,254 --a------ C:\WINDOWS\system32\yayyyvu.dll
    2007-06-23 15:19 31,254 --a------ C:\WINDOWS\system32\wvutspq.dll
    2007-06-23 15:16 31,254 --a------ C:\WINDOWS\system32\mljghfd.dll
    2007-06-23 15:13 31,254 --a------ C:\WINDOWS\system32\wvuspmn.dll
    2007-06-23 15:09 31,254 --a------ C:\WINDOWS\system32\ddcdabc.dll
    2007-06-23 15:06 31,254 --a------ C:\WINDOWS\system32\tuvuron.dll
    2007-06-23 15:03 31,254 --a------ C:\WINDOWS\system32\mljgfge.dll
    2007-06-23 14:59 31,254 --a------ C:\WINDOWS\system32\tuvwtrs.dll
    2007-06-23 14:56 31,254 --a------ C:\WINDOWS\system32\wvuromm.dll
    2007-06-23 14:53 31,254 --a------ C:\WINDOWS\system32\byxwvvv.dll
    2007-06-23 14:49 31,254 --a------ C:\WINDOWS\system32\urqolji.dll
    2007-06-23 14:38 49,152 --a------ C:\WINDOWS\nircmd.exe
    2007-06-19 18:11 <REP> d-------- C:\Program Files\The Creative Assembly
    2007-06-11 22:23 <REP> d-------- C:\Program Files\Dynasty
    2007-06-11 22:22 <REP> d-------- C:\Program Files\DDD Pool
    2007-06-08 17:06 <REP> d-------- C:\Program Files\Windows Live
    2007-06-07 21:27 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
    2007-06-07 21:27 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
    2007-05-26 13:35 <REP> d-------- C:\DOCUME~1\Yas\Saved Games
    2007-05-26 13:34 <REP> d-------- C:\DOCUME~1\Yas\APPLIC~1\iWin


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-06-23 08:53:41 -------- d-----w C:\Program Files\MSN Messenger
    2007-06-22 11:28:43 -------- d-----w C:\Program Files\eMule
    2007-06-19 17:21:19 3,688 ----a-w C:\WINDOWS\system32\d3d9caps.dat
    2007-06-19 16:18:37 -------- d-----w C:\Program Files\GameSpy Arcade
    2007-06-19 16:11:08 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-06-15 11:41:43 16 ----a-w C:\WINDOWS\popcinfo.dat
    2007-06-11 20:24:20 -------- d-----w C:\DOCUME~1\Yas\APPLIC~1\U3
    2007-06-11 06:33:29 -------- d-----w C:\Program Files\Jewel Quest 2
    2007-06-08 15:06:08 -------- d-----w C:\Program Files\Messenger Plus! Live
    2007-06-05 15:51:59 32,496 -c--a-w C:\DOCUME~1\Yas\APPLIC~1\GDIPFONTCACHEV1.DAT
    2007-05-22 20:18:22 -------- d-----w C:\Program Files\Luxor
    2007-05-22 17:02:23 -------- d-----w C:\Program Files\Hotel Solitaire
    2007-05-21 20:10:24 -------- d-----w C:\Program Files\Bejeweled 2 Deluxe
    2007-05-21 20:02:17 -------- d-----w C:\Program Files\ReflexiveArcade
    2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-03-29 19:01:24 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2007-03-27 18:42:56 63,614 ----a-w C:\WINDOWS\system32\perfc00C.dat
    2007-03-27 18:42:56 445,016 ----a-w C:\WINDOWS\system32\perfh00C.dat
    2007-03-27 16:27:38 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2005-07-23 19:56:10 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 16:39]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 14:22]
    {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-20 00:56]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-12-29 19:41]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 18:24 C:\WINDOWS\system32\Ati2mdxx.exe]
    "ATIPTA"="C:\ATI-CPanel\atiptaxx.exe" [2003-11-13 22:10]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-05 12:50]
    "brutelecd"="" []
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 14:03]
    "MPTBox"="C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe" [2002-08-08 08:52]
    "SoundMan"="SOUNDMAN.EXE" [2003-08-05 15:59 C:\WINDOWS\SOUNDMAN.EXE]
    "Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 19:36]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-11-24 16:38]
    "RssReader"="C:\Program Files\RssReader\RssReader.exe" []
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-10-24 16:53]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-02-03 18:31]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-02-23 15:31]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{DC192567-65F9-4AB6-ADB7-E13575F81726}"="C:\WINDOWS\system32\xxyyyaa.dll" [2007-06-23 17:48]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyyyaa]
    xxyyyaa.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages msv1_0 nwprovau
    Notification Packages :\WINDOWS\syste


    Contents of the 'Scheduled Tasks' folder
    2007-06-23 15:46:48 C:\WINDOWS\tasks\Ad-Aware SE Personal.job
    2007-06-23 09:09:00 C:\WINDOWS\tasks\BitDefender 8 Professional.job
    2007-06-22 19:12:00 C:\WINDOWS\tasks\Défragmenteur de disque.job
    2007-06-23 15:46:48 C:\WINDOWS\tasks\Nettoyage de disque.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-06-23 17:47:03
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    C:\WINDOWS\system32\xxyyyaa.dll

    scan completed successfully
    hidden files: 1

    **************************************************************************

    Completion time: 2007-06-23 17:50:47 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-06-23 17:50
    C:\ComboFix2.txt ... 2007-06-23 15:20
    C:\ComboFix3.txt ... 2007-06-23 14:50

    --- E O F ---

    Logfile of HijackThis v1.99.1
    Scan saved at 17:53:20, on 23/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\PROGRA~1\MSNMES~1\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\msnmgr.exe
    C:\Documents and Settings\Yas\services.exe
    C:\DOCUME~1\Yas\LOCALS~1\Temp\QZTEMP\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.7sur7.be/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FC75BB6A-5412-4FF6-B1CC-8B0EF667C79F}: NameServer = 212.68.193.110
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O20 - Winlogon Notify: xxyyyaa - C:\WINDOWS\SYSTEM32\xxyyyaa.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

    Can you do it again, but with this script?

    File::
    C:\WINDOWS\system32\xxyyyaa.dll
    C:\WINDOWS\system32\byxxvts.dll
    C:\WINDOWS\system32\yayyyvu.dll
    C:\WINDOWS\system32\wvutspq.dll
    C:\WINDOWS\system32\mljghfd.dll
    C:\WINDOWS\system32\wvuspmn.dll
    C:\WINDOWS\system32\ddcdabc.dll
    C:\WINDOWS\system32\tuvuron.dll
    C:\WINDOWS\system32\mljgfge.dll
    C:\WINDOWS\system32\tuvwtrs.dll
    C:\WINDOWS\system32\wvuromm.dll
    C:\WINDOWS\system32\byxwvvv.dll
    C:\WINDOWS\system32\urqolji.dll
    C:\Documents and Settings\Yas\services.exe

    Registry::
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyyyaa]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{DC192567-65F9-4AB6-ADB7-E13575F81726}"=-