Se connecter avec
S'enregistrer | Connectez-vous

virus DAME wininit.exe

Dernière réponse : dans Sécurité

bonjour,
avast a trouvé un virus DAME (dark angel...) et le détruit pas et ne le met pas en quarantaine

j'ai passé adware puis spybot puis cclean

j'ai fait un hijakthis

un ami m'a dit d'utiliser ensuite otmoveit


en vain l'ordi ne veut pas éliminer un fichier qui s'appelle :


c:\windows\system32\wininit.exe


qui semble infecter mon ordi



si ça peut vous servir :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:31:18, on 04/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\vsnp2std.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\jean-michel\Desktop\test.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 22259 bytes



merci d'avance pour votre aide !

Autres pages sur : virus dame wininit exe

Lassé par la pub ? Créez un compte

Bonjour,

En effet, wininit est un fichier indésirable.

Télécharge Combofix (par sUBs) sur ton Bureau. (Tuto)
Double clique combofix.exe.
Tape sur la touche 1 (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

Le rapport se trouve ici : C:\Combofix.txt

Merci pour ton aide voilà ce que j'ai :



ComboFix 07-10-04.6 - jean-michel 2007-10-04 19:37:24.1 - NTFSx86
Microsoft© Windows VistaT dition Familiale Premium 6.0.6000.0.1252.1.1036.18.1353 [GMT 2:00]
Running from: C:\Users\jean-michel\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-09-04 to 2007-10-04 ))))))))))))))))))))))))))))))))))))
.

2007-10-04 19:34 51,200 --a------ C:\Windows\NirCmd.exe
2007-10-04 16:44 <REP> d-------- C:\Program Files\MSN Messenger
2007-10-03 00:06 <REP> d-------- C:\ProgramData\Yahoo! Companion
2007-10-02 23:20 <REP> d-------- C:\Program Files\Yahoo!
2007-10-02 23:20 <REP> d-------- C:\Program Files\CCleaner
2007-10-02 23:04 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2007-10-02 18:49 <REP> d-------- C:\ProgramData\Lavasoft
2007-10-02 18:49 <REP> d-------- C:\Program Files\Lavasoft
2007-10-02 18:47 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-27 18:36 57,856 --a------ C:\Windows\System32\SLUINotify.dll
2007-09-27 18:36 566,784 --a------ C:\Windows\System32\SLCommDlg.dll
2007-09-27 18:36 39,936 --a------ C:\Windows\System32\slcinst.dll
2007-09-27 18:36 351,232 --a------ C:\Windows\System32\SLUI.exe
2007-09-27 18:36 33,280 --a------ C:\Windows\System32\slwmi.dll
2007-09-27 18:36 268,288 --a------ C:\Windows\System32\mcbuilder.exe
2007-09-27 18:36 223,232 --a------ C:\Windows\System32\SLC.dll
2007-09-27 18:36 2,605,568 --a------ C:\Windows\System32\SLsvc.exe
2007-09-27 18:36 186,368 --a------ C:\Windows\System32\SLLUA.exe
2007-09-25 16:01 <REP> d-------- C:\Program Files\iPod
2007-09-25 16:00 <REP> d-------- C:\Program Files\iTunes
2007-09-25 15:48 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Apple Computer
2007-09-25 15:44 <REP> d-------- C:\ProgramData\Apple Computer
2007-09-25 15:44 <REP> d-------- C:\Program Files\QuickTime
2007-09-25 15:42 <REP> d-------- C:\Program Files\Apple Software Update
2007-09-25 15:41 <REP> d-------- C:\ProgramData\Apple
2007-09-25 15:41 <REP> d-------- C:\Program Files\Common Files\Apple
2007-09-25 12:02 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Google
2007-09-25 08:34 <REP> d-------- C:\ProgramData\Google
2007-09-25 08:34 <REP> d-------- C:\Program Files\Common Files\xing shared
2007-09-25 08:33 <REP> d-------- C:\Program Files\Real
2007-09-25 08:33 <REP> d-------- C:\Program Files\Google
2007-09-25 08:33 <REP> d-------- C:\Program Files\Common Files\Real
2007-09-25 08:32 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Real
2007-09-25 08:21 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\vlc
2007-09-25 08:00 <REP> d-------- C:\Program Files\VideoLAN
2007-09-24 18:33 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\ScanSoft
2007-09-24 18:33 <REP> d-------- C:\ProgramData\ScanSoft
2007-09-24 18:33 <REP> d-------- C:\ProgramData\InstallShield
2007-09-24 18:33 <REP> d-------- C:\Program Files\Common Files\ScanSoft Shared
2007-09-24 18:32 <REP> d-------- C:\Program Files\ScanSoft
2007-09-24 18:22 212,480 --a------ C:\Windows\PCDLIB32.DLL
2007-09-24 18:22 <REP> d-------- C:\Program Files\ArcSoft
2007-09-24 18:12 <REP> d--h----- C:\ProgramData\CanonBJ
2007-09-24 18:11 <REP> d--h----- C:\Windows\System32\CanonIJ Uninstaller Information
2007-09-24 18:08 197,632 --a------ C:\Windows\System32\CNMLM87.DLL
2007-09-24 18:07 57,344 --a------ C:\Windows\System32\CNCI600.DLL
2007-09-24 18:07 135,168 --a------ C:\Windows\System32\CNCL600.DLL
2007-09-24 18:07 106,496 --a------ C:\Windows\System32\cnco600.dll
2007-09-24 18:07 1,298,432 --a------ C:\Windows\System32\CNCC600.DLL
2007-09-24 18:07 <REP> d--h----- C:\Program Files\CanonBJ
2007-09-24 18:06 <REP> d-------- C:\Program Files\Canon
2007-09-20 08:27 <REP> d-------- C:\ProgramData\eMule
2007-09-20 08:26 <REP> d-------- C:\Program Files\eMule
2007-09-20 08:20 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\AdobeUM
2007-09-06 09:25 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\U3
2007-09-04 15:59 0 --a------ C:\Windows\nsreg.dat
2007-09-04 15:58 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Thunderbird
2007-09-04 15:56 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2007-09-04 15:00 87,040 --a------ C:\Windows\System32\msoert2.dll
2007-09-04 15:00 84,480 --a------ C:\Windows\System32\INETRES.dll
2007-09-04 15:00 737,792 --a------ C:\Windows\System32\inetcomm.dll
2007-09-04 15:00 39,424 --a------ C:\Windows\System32\ACCTRES.dll
2007-09-04 15:00 205,824 --a------ C:\Windows\System32\msoeacct.dll
2007-09-04 14:58 2,048 --a------ C:\Windows\System32\tzres.dll
2007-09-04 14:57 374,456 --a------ C:\Windows\System32\mcupdate_GenuineIntel.dll
2007-09-04 14:56 86,016 --a------ C:\Windows\System32\icfupgd.dll
2007-09-04 14:56 63,488 --a------ C:\Windows\System32\drivers\mpsdrv.sys
2007-09-04 14:56 61,952 --a------ C:\Windows\System32\cmifw.dll
2007-09-04 14:56 396,800 --a------ C:\Windows\System32\MPSSVC.dll
2007-09-04 14:56 392,192 --a------ C:\Windows\System32\FirewallAPI.dll
2007-09-04 14:56 23,040 --a------ C:\Windows\System32\drivers\tunnel.sys
2007-09-04 14:56 178,688 --a------ C:\Windows\System32\iphlpsvc.dll
2007-09-04 14:56 16,896 --a------ C:\Windows\System32\wfapigp.dll
2007-09-04 14:56 15,360 --a------ C:\Windows\System32\drivers\TUNMP.SYS
2007-09-04 14:56 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-04 14:55 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2007-09-04 14:55 7,680 --a------ C:\Windows\System32\spwmp.dll
2007-09-04 14:55 4,096 --a------ C:\Windows\System32\dxmasf.dll
2007-09-04 14:55 2,048 --a------ C:\Windows\System32\msxml3r.dll
2007-09-04 14:55 1,191,936 --a------ C:\Windows\System32\msxml3.dll
2007-09-04 14:54 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2007-09-04 14:54 1,686,528 --a------ C:\Windows\System32\gameux.dll
2007-09-04 14:51 704,000 --a------ C:\Windows\System32\PhotoScreensaver.scr
2007-09-04 14:51 2,048 --a------ C:\Windows\System32\msxml6r.dll
2007-09-04 14:51 1,335,296 --a------ C:\Windows\System32\msxml6.dll
2007-09-04 14:44 750,080 --a------ C:\Windows\System32\qmgr.dll
2007-09-04 14:19 <REP> d-------- C:\ProgramData\LightScribe
2007-09-04 12:28 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\OFFICEOne7
2007-09-04 12:27 <REP> d-------- C:\Donn‚es Ciel
2007-09-04 11:50 46,160 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
2007-09-04 11:22 <REP> d-------- C:\Program Files\OFFICE One Games
2007-09-04 11:21 16,384 --a------ C:\Windows\System32\DsrSleep.dll
2007-09-04 11:20 42,912 --a------ C:\Windows\System32\drivers\aswTdi.sys
2007-09-04 11:20 23,152 --a------ C:\Windows\System32\drivers\aswRdr.sys
2007-09-04 11:19 95,608 --a------ C:\Windows\System32\AVASTSS.scr
2007-09-04 11:19 783,224 --a------ C:\Windows\System32\aswBoot.exe
2007-09-04 11:19 77,312 --a------ C:\Windows\System32\ztvunace26.dll
2007-09-04 11:19 69,632 --a------ C:\Windows\System32\ztvcabinet.dll
2007-09-04 11:19 162,304 --a------ C:\Windows\System32\ztvunrar36.dll
2007-09-04 11:19 <REP> d-------- C:\Program Files\Alwil Software

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-02 21:43 9344 --a------ C:\Windows\system32\drivers\NSDriver.sys
2007-10-02 21:43 8320 --a------ C:\Windows\system32\drivers\AWRTRD.sys
2007-09-24 18:33 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-09-24 18:21 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-21 08:54 --------- d-------- C:\ProgramData\Microsoft Help
2007-09-21 08:43 45056 --a------ C:\Windows\System32\acovcnt.exe
2007-09-18 16:09 --------- d-------- C:\Program Files\Windows Mail
2007-09-04 15:09 174 --ahs---- C:\Program Files\desktop.ini
2007-09-04 15:05 --------- d-------- C:\Program Files\Windows Calendar
2007-09-04 15:01 8192 --a------ C:\Windows\System32\riched32.dll
2007-09-04 15:01 77824 --a------ C:\Windows\System32\rascfg.dll
2007-09-04 15:01 70144 --a------ C:\Windows\system32\drivers\pacer.sys
2007-09-04 15:01 694784 --a------ C:\Windows\System32\localspl.dll
2007-09-04 15:01 61952 --a------ C:\Windows\system32\drivers\wanarp.sys
2007-09-04 15:01 619008 --a------ C:\Windows\system32\drivers\dxgkrnl.sys
2007-09-04 15:01 52736 --a------ C:\Windows\System32\rasdiag.dll
2007-09-04 15:01 48640 --a------ C:\Windows\system32\drivers\ndproxy.sys
2007-09-04 15:01 384000 --a------ C:\Windows\System32\netcfgx.dll
2007-09-04 15:01 36864 --a------ C:\Windows\System32\cdd.dll
2007-09-04 15:01 33280 --a------ C:\Windows\System32\traffic.dll
2007-09-04 15:01 32768 --a------ C:\Windows\System32\rasmxs.dll
2007-09-04 15:01 286208 --a------ C:\Windows\System32\ipnathlp.dll
2007-09-04 15:01 22016 --a------ C:\Windows\System32\rasser.dll
2007-09-04 15:01 20480 --a------ C:\Windows\system32\drivers\ndistapi.sys
2007-09-04 15:01 15360 --a------ C:\Windows\System32\pacerprf.dll
2007-09-04 15:01 13824 --a------ C:\Windows\System32\wshqos.dll
2007-09-04 15:01 13824 --a------ C:\Windows\System32\icsunattend.exe
2007-09-04 15:01 134656 --a------ C:\Windows\System32\dps.dll
2007-09-04 14:54 537600 --a------ C:\Windows\AppPatch\AcLayers.dll
2007-09-04 14:54 449536 --a------ C:\Windows\AppPatch\AcSpecfc.dll
2007-09-04 14:54 2144256 --a------ C:\Windows\AppPatch\AcGenral.dll
2007-09-04 14:54 173056 --a------ C:\Windows\AppPatch\AcXtrnal.dll
2007-09-04 14:50 88576 --a------ C:\Windows\System32\avifil32.dll
2007-09-04 14:50 82944 --a------ C:\Windows\System32\mciavi32.dll
2007-09-04 14:50 8138240 --a------ C:\Windows\System32\ssBranded.scr
2007-09-04 14:50 712192 --a------ C:\Windows\System32\WindowsCodecs.dll
2007-09-04 14:50 69632 --a------ C:\Windows\System32\sendmail.dll
2007-09-04 14:50 65024 --a------ C:\Windows\System32\avicap32.dll
2007-09-04 14:50 61440 --a------ C:\Windows\System32\ntprint.exe
2007-09-04 14:50 3504824 --a------ C:\Windows\System32\ntkrnlpa.exe
2007-09-04 14:50 3470008 --a------ C:\Windows\System32\ntoskrnl.exe
2007-09-04 14:50 31232 --a------ C:\Windows\System32\msvidc32.dll
2007-09-04 14:50 269824 --a------ C:\Windows\System32\schannel.dll
2007-09-04 14:50 220160 --a------ C:\Windows\System32\ntprint.dll
2007-09-04 14:50 1984512 --a------ C:\Windows\System32\authui.dll
2007-09-04 14:50 12800 --a------ C:\Windows\System32\msrle32.dll
2007-09-04 14:50 1244672 --a------ C:\Windows\System32\mcmde.dll
2007-09-04 14:50 123904 --a------ C:\Windows\System32\msvfw32.dll
2007-09-04 14:50 120320 --a------ C:\Windows\System32\dhcpcsvc6.dll
2007-09-04 14:50 10240 --a------ C:\Windows\System32\dhcpcmonitor.dll
2007-09-04 14:48 56320 --a------ C:\Windows\System32\iesetup.dll
2007-09-04 14:48 52736 --a------ C:\Windows\AppPatch\iebrshim.dll
2007-09-04 14:48 5120 --a------ C:\Windows\System32\wmi.dll
2007-09-04 14:48 26624 --a------ C:\Windows\System32\ieUnatt.exe
2007-09-04 14:48 152576 --a------ C:\Windows\System32\imagehlp.dll
2007-09-04 14:48 12800 --a------ C:\Windows\system32\drivers\fs_rec.sys
2007-09-04 11:00 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-04 10:57 --------- d-------- C:\ProgramData\Symantec
2007-09-01 11:22 --------- d-------- C:\ProgramData\ASUS
2007-08-31 23:02 --------- d-------- C:\Users\jean-michel\AppData\Roaming\InstallShield
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-13 16:44]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-26 21:12]
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2007-03-26 20:42]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 11:07 C:\Windows\RtHDVCpl.exe]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 11:31]
"snp2std"="C:\Windows\vsnp2std.exe" [2006-08-09 10:18]
"ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 17:27]
"ASUSTPE"="C:\Windows\system32\ASUSTPE.exe" [2006-12-13 00:06]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 23:27]
"ASUS Camera ScreenSaver"="C:\Windows\ASScrProlog.exe" [2007-06-13 17:03]
"ASUS Screen Saver Protector"="C:\Windows\ASScrPro.exe" [2007-06-13 17:03]
"PowerForPhone"="C:\Program Files\PowerForPhone\PowerForPhone.exe" [2007-01-16 00:17]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-25 08:34]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:35]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-09-25 08:34]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
OFFICE One Startup v7.lnk - C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe [2007-09-04 11:31:53]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
OFFICE One Startup v7.lnk - C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe [2007-09-04 11:31:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

R2 ASLDRService;ASLDR Service;C:\Program Files\ATK Hotkey\ASLDRSrv.exe
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys
R3 RTSTOR;USB Mass Storage Device;C:\Windows\system32\drivers\RTSTOR.SYS
R3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\Windows\system32\DRIVERS\snp2sxp.sys
R3 WCPU;WCPU;\??\C:\Program Files\P4G\WCPU.sys
S2 ghaio;ghaio;\??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
S3 lvupdtio;lvupdtio;\??\C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys
S3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
S3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys
S3 TPM;TPM;C:\Windows\system32\drivers\tpm.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb363352-5c45-11dc-b21a-001bfc48379d}]
AutoRun\command- H:\LaunchU3.exe -a

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-04 10:35:17 C:\Windows\Tasks\User_Feed_Synchronization-{4465F063-F962-46B2-9E0B-B30357339911}.job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-04 19:42:22
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-04 19:45:09
.
--- E O F ---

Copie le texte se situant dans le cadre ci-dessous :

File::
c:\windows\system32\wininit.exe


Ouvre le Bloc-Notes puis colle le texte copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :


Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.

Télécharge sur ton bureau : Clean
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé et poste le rapport ici.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:01, on 2007-10-04
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\vsnp2std.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jean-michel\Desktop\test.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 22005 bytes

ComboFix 07-10-04.6 - jean-michel 2007-10-04 21:04:45.3 - NTFSx86
Microsoft© Windows VistaT dition Familiale Premium 6.0.6000.0.1252.1.1036.18.1271 [GMT 2:00]
Running from: C:\Users\jean-michel\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-09-04 to 2007-10-04 ))))))))))))))))))))))))))))))))))))
.

2007-10-04 19:34 51,200 --a------ C:\Windows\NirCmd.exe
2007-10-04 16:44 <REP> d-------- C:\Program Files\MSN Messenger
2007-10-03 00:06 <REP> d-------- C:\ProgramData\Yahoo! Companion
2007-10-02 23:20 <REP> d-------- C:\Program Files\Yahoo!
2007-10-02 23:20 <REP> d-------- C:\Program Files\CCleaner
2007-10-02 23:04 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2007-10-02 18:49 <REP> d-------- C:\ProgramData\Lavasoft
2007-10-02 18:49 <REP> d-------- C:\Program Files\Lavasoft
2007-10-02 18:47 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-27 18:36 57,856 --a------ C:\Windows\System32\SLUINotify.dll
2007-09-27 18:36 566,784 --a------ C:\Windows\System32\SLCommDlg.dll
2007-09-27 18:36 39,936 --a------ C:\Windows\System32\slcinst.dll
2007-09-27 18:36 351,232 --a------ C:\Windows\System32\SLUI.exe
2007-09-27 18:36 33,280 --a------ C:\Windows\System32\slwmi.dll
2007-09-27 18:36 268,288 --a------ C:\Windows\System32\mcbuilder.exe
2007-09-27 18:36 223,232 --a------ C:\Windows\System32\SLC.dll
2007-09-27 18:36 2,605,568 --a------ C:\Windows\System32\SLsvc.exe
2007-09-27 18:36 186,368 --a------ C:\Windows\System32\SLLUA.exe
2007-09-25 16:01 <REP> d-------- C:\Program Files\iPod
2007-09-25 16:00 <REP> d-------- C:\Program Files\iTunes
2007-09-25 15:48 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Apple Computer
2007-09-25 15:44 <REP> d-------- C:\ProgramData\Apple Computer
2007-09-25 15:44 <REP> d-------- C:\Program Files\QuickTime
2007-09-25 15:42 <REP> d-------- C:\Program Files\Apple Software Update
2007-09-25 15:41 <REP> d-------- C:\ProgramData\Apple
2007-09-25 15:41 <REP> d-------- C:\Program Files\Common Files\Apple
2007-09-25 12:02 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Google
2007-09-25 08:34 <REP> d-------- C:\ProgramData\Google
2007-09-25 08:34 <REP> d-------- C:\Program Files\Common Files\xing shared
2007-09-25 08:33 <REP> d-------- C:\Program Files\Real
2007-09-25 08:33 <REP> d-------- C:\Program Files\Google
2007-09-25 08:33 <REP> d-------- C:\Program Files\Common Files\Real
2007-09-25 08:32 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Real
2007-09-25 08:21 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\vlc
2007-09-25 08:00 <REP> d-------- C:\Program Files\VideoLAN
2007-09-24 18:33 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\ScanSoft
2007-09-24 18:33 <REP> d-------- C:\ProgramData\ScanSoft
2007-09-24 18:33 <REP> d-------- C:\ProgramData\InstallShield
2007-09-24 18:33 <REP> d-------- C:\Program Files\Common Files\ScanSoft Shared
2007-09-24 18:32 <REP> d-------- C:\Program Files\ScanSoft
2007-09-24 18:22 212,480 --a------ C:\Windows\PCDLIB32.DLL
2007-09-24 18:22 <REP> d-------- C:\Program Files\ArcSoft
2007-09-24 18:12 <REP> d--h----- C:\ProgramData\CanonBJ
2007-09-24 18:11 <REP> d--h----- C:\Windows\System32\CanonIJ Uninstaller Information
2007-09-24 18:08 197,632 --a------ C:\Windows\System32\CNMLM87.DLL
2007-09-24 18:07 57,344 --a------ C:\Windows\System32\CNCI600.DLL
2007-09-24 18:07 135,168 --a------ C:\Windows\System32\CNCL600.DLL
2007-09-24 18:07 106,496 --a------ C:\Windows\System32\cnco600.dll
2007-09-24 18:07 1,298,432 --a------ C:\Windows\System32\CNCC600.DLL
2007-09-24 18:07 <REP> d--h----- C:\Program Files\CanonBJ
2007-09-24 18:06 <REP> d-------- C:\Program Files\Canon
2007-09-20 08:27 <REP> d-------- C:\ProgramData\eMule
2007-09-20 08:26 <REP> d-------- C:\Program Files\eMule
2007-09-20 08:20 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\AdobeUM
2007-09-06 09:25 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\U3
2007-09-04 15:59 0 --a------ C:\Windows\nsreg.dat
2007-09-04 15:58 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\Thunderbird
2007-09-04 15:56 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2007-09-04 15:00 87,040 --a------ C:\Windows\System32\msoert2.dll
2007-09-04 15:00 84,480 --a------ C:\Windows\System32\INETRES.dll
2007-09-04 15:00 737,792 --a------ C:\Windows\System32\inetcomm.dll
2007-09-04 15:00 39,424 --a------ C:\Windows\System32\ACCTRES.dll
2007-09-04 15:00 205,824 --a------ C:\Windows\System32\msoeacct.dll
2007-09-04 14:58 2,048 --a------ C:\Windows\System32\tzres.dll
2007-09-04 14:57 374,456 --a------ C:\Windows\System32\mcupdate_GenuineIntel.dll
2007-09-04 14:56 86,016 --a------ C:\Windows\System32\icfupgd.dll
2007-09-04 14:56 63,488 --a------ C:\Windows\System32\drivers\mpsdrv.sys
2007-09-04 14:56 61,952 --a------ C:\Windows\System32\cmifw.dll
2007-09-04 14:56 396,800 --a------ C:\Windows\System32\MPSSVC.dll
2007-09-04 14:56 392,192 --a------ C:\Windows\System32\FirewallAPI.dll
2007-09-04 14:56 23,040 --a------ C:\Windows\System32\drivers\tunnel.sys
2007-09-04 14:56 178,688 --a------ C:\Windows\System32\iphlpsvc.dll
2007-09-04 14:56 16,896 --a------ C:\Windows\System32\wfapigp.dll
2007-09-04 14:56 15,360 --a------ C:\Windows\System32\drivers\TUNMP.SYS
2007-09-04 14:56 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-04 14:55 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2007-09-04 14:55 7,680 --a------ C:\Windows\System32\spwmp.dll
2007-09-04 14:55 4,096 --a------ C:\Windows\System32\dxmasf.dll
2007-09-04 14:55 2,048 --a------ C:\Windows\System32\msxml3r.dll
2007-09-04 14:55 1,191,936 --a------ C:\Windows\System32\msxml3.dll
2007-09-04 14:54 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2007-09-04 14:54 1,686,528 --a------ C:\Windows\System32\gameux.dll
2007-09-04 14:51 704,000 --a------ C:\Windows\System32\PhotoScreensaver.scr
2007-09-04 14:51 2,048 --a------ C:\Windows\System32\msxml6r.dll
2007-09-04 14:51 1,335,296 --a------ C:\Windows\System32\msxml6.dll
2007-09-04 14:44 750,080 --a------ C:\Windows\System32\qmgr.dll
2007-09-04 14:19 <REP> d-------- C:\ProgramData\LightScribe
2007-09-04 12:28 <REP> d-------- C:\Users\jean-michel\AppData\Roaming\OFFICEOne7
2007-09-04 12:27 <REP> d-------- C:\Donn‚es Ciel
2007-09-04 11:50 46,160 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
2007-09-04 11:22 <REP> d-------- C:\Program Files\OFFICE One Games
2007-09-04 11:21 16,384 --a------ C:\Windows\System32\DsrSleep.dll
2007-09-04 11:20 42,912 --a------ C:\Windows\System32\drivers\aswTdi.sys
2007-09-04 11:20 23,152 --a------ C:\Windows\System32\drivers\aswRdr.sys
2007-09-04 11:19 95,608 --a------ C:\Windows\System32\AVASTSS.scr
2007-09-04 11:19 783,224 --a------ C:\Windows\System32\aswBoot.exe
2007-09-04 11:19 77,312 --a------ C:\Windows\System32\ztvunace26.dll
2007-09-04 11:19 69,632 --a------ C:\Windows\System32\ztvcabinet.dll
2007-09-04 11:19 162,304 --a------ C:\Windows\System32\ztvunrar36.dll
2007-09-04 11:19 <REP> d-------- C:\Program Files\Alwil Software

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-04 20:58 45056 --a------ C:\Windows\System32\acovcnt.exe
2007-10-02 21:43 9344 --a------ C:\Windows\system32\drivers\NSDriver.sys
2007-10-02 21:43 8320 --a------ C:\Windows\system32\drivers\AWRTRD.sys
2007-09-24 18:33 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-09-24 18:21 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-21 08:54 --------- d-------- C:\ProgramData\Microsoft Help
2007-09-18 16:09 --------- d-------- C:\Program Files\Windows Mail
2007-09-04 15:09 174 --ahs---- C:\Program Files\desktop.ini
2007-09-04 15:05 --------- d-------- C:\Program Files\Windows Calendar
2007-09-04 15:01 8192 --a------ C:\Windows\System32\riched32.dll
2007-09-04 15:01 77824 --a------ C:\Windows\System32\rascfg.dll
2007-09-04 15:01 70144 --a------ C:\Windows\system32\drivers\pacer.sys
2007-09-04 15:01 694784 --a------ C:\Windows\System32\localspl.dll
2007-09-04 15:01 61952 --a------ C:\Windows\system32\drivers\wanarp.sys
2007-09-04 15:01 619008 --a------ C:\Windows\system32\drivers\dxgkrnl.sys
2007-09-04 15:01 52736 --a------ C:\Windows\System32\rasdiag.dll
2007-09-04 15:01 48640 --a------ C:\Windows\system32\drivers\ndproxy.sys
2007-09-04 15:01 384000 --a------ C:\Windows\System32\netcfgx.dll
2007-09-04 15:01 36864 --a------ C:\Windows\System32\cdd.dll
2007-09-04 15:01 33280 --a------ C:\Windows\System32\traffic.dll
2007-09-04 15:01 32768 --a------ C:\Windows\System32\rasmxs.dll
2007-09-04 15:01 286208 --a------ C:\Windows\System32\ipnathlp.dll
2007-09-04 15:01 22016 --a------ C:\Windows\System32\rasser.dll
2007-09-04 15:01 20480 --a------ C:\Windows\system32\drivers\ndistapi.sys
2007-09-04 15:01 15360 --a------ C:\Windows\System32\pacerprf.dll
2007-09-04 15:01 13824 --a------ C:\Windows\System32\wshqos.dll
2007-09-04 15:01 13824 --a------ C:\Windows\System32\icsunattend.exe
2007-09-04 15:01 134656 --a------ C:\Windows\System32\dps.dll
2007-09-04 14:54 537600 --a------ C:\Windows\AppPatch\AcLayers.dll
2007-09-04 14:54 449536 --a------ C:\Windows\AppPatch\AcSpecfc.dll
2007-09-04 14:54 2144256 --a------ C:\Windows\AppPatch\AcGenral.dll
2007-09-04 14:54 173056 --a------ C:\Windows\AppPatch\AcXtrnal.dll
2007-09-04 14:50 88576 --a------ C:\Windows\System32\avifil32.dll
2007-09-04 14:50 82944 --a------ C:\Windows\System32\mciavi32.dll
2007-09-04 14:50 8138240 --a------ C:\Windows\System32\ssBranded.scr
2007-09-04 14:50 712192 --a------ C:\Windows\System32\WindowsCodecs.dll
2007-09-04 14:50 69632 --a------ C:\Windows\System32\sendmail.dll
2007-09-04 14:50 65024 --a------ C:\Windows\System32\avicap32.dll
2007-09-04 14:50 61440 --a------ C:\Windows\System32\ntprint.exe
2007-09-04 14:50 3504824 --a------ C:\Windows\System32\ntkrnlpa.exe
2007-09-04 14:50 3470008 --a------ C:\Windows\System32\ntoskrnl.exe
2007-09-04 14:50 31232 --a------ C:\Windows\System32\msvidc32.dll
2007-09-04 14:50 269824 --a------ C:\Windows\System32\schannel.dll
2007-09-04 14:50 220160 --a------ C:\Windows\System32\ntprint.dll
2007-09-04 14:50 1984512 --a------ C:\Windows\System32\authui.dll
2007-09-04 14:50 12800 --a------ C:\Windows\System32\msrle32.dll
2007-09-04 14:50 1244672 --a------ C:\Windows\System32\mcmde.dll
2007-09-04 14:50 123904 --a------ C:\Windows\System32\msvfw32.dll
2007-09-04 14:50 120320 --a------ C:\Windows\System32\dhcpcsvc6.dll
2007-09-04 14:50 10240 --a------ C:\Windows\System32\dhcpcmonitor.dll
2007-09-04 14:48 56320 --a------ C:\Windows\System32\iesetup.dll
2007-09-04 14:48 52736 --a------ C:\Windows\AppPatch\iebrshim.dll
2007-09-04 14:48 5120 --a------ C:\Windows\System32\wmi.dll
2007-09-04 14:48 26624 --a------ C:\Windows\System32\ieUnatt.exe
2007-09-04 14:48 152576 --a------ C:\Windows\System32\imagehlp.dll
2007-09-04 14:48 12800 --a------ C:\Windows\system32\drivers\fs_rec.sys
2007-09-04 11:00 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-04 10:57 --------- d-------- C:\ProgramData\Symantec
2007-09-01 11:22 --------- d-------- C:\ProgramData\ASUS
2007-08-31 23:02 --------- d-------- C:\Users\jean-michel\AppData\Roaming\InstallShield
.

((((((((((((((((((((((((((((( snapshot@2007-10-04_19.43.42,14 )))))))))))))))))))))))))))))))))))))))))
.
--s-a-w 67,584 2007-10-04 18:57:25 C:\Windows\bootstat.dat
--sha-w 262,144 2007-10-04 18:59:37 C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
---ha-w 262,144 2007-10-04 18:59:37 C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
--sha-w 16,384 2007-10-04 17:57:14 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
--sha-w 32,768 2007-10-04 17:57:14 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
--sha-w 16,384 2007-10-04 17:57:14 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
--sha-w 262,144 2007-10-04 18:59:31 C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
---ha-w 262,144 2007-10-04 18:59:31 C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
--sha-w 16,384 2007-10-04 19:01:58 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
--sha-w 32,768 2007-10-04 19:01:58 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
--sha-w 16,384 2007-10-04 19:01:58 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
----a-w 70,094 2007-10-04 19:00:00 C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
----a-w 6,330 2007-10-04 19:00:00 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3642681891-1638571996-602903733-1000_UserData.bin
.
--s-a-w 67,584 2007-10-04 17:27:25 C:\Windows\bootstat.dat
--sha-w 262,144 2007-10-04 17:30:06 C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
--sha-w 16,384 2007-10-04 09:34:51 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
--sha-w 32,768 2007-10-04 09:34:51 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
--sha-w 16,384 2007-10-04 09:34:51 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
--sha-w 262,144 2007-10-04 17:30:00 C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
--sha-w 16,384 2007-10-04 17:31:05 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
--sha-w 32,768 2007-10-04 17:31:05 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
--sha-w 16,384 2007-10-04 17:31:05 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
----a-w 69,648 2007-10-04 17:30:12 C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
----a-w 6,134 2007-10-04 17:30:12 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3642681891-1638571996-602903733-1000_UserData.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-13 16:44]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-26 21:12]
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2007-03-26 20:42]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 11:07 C:\Windows\RtHDVCpl.exe]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 11:31]
"snp2std"="C:\Windows\vsnp2std.exe" [2006-08-09 10:18]
"ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 17:27]
"ASUSTPE"="C:\Windows\system32\ASUSTPE.exe" [2006-12-13 00:06]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 23:27]
"ASUS Camera ScreenSaver"="C:\Windows\ASScrProlog.exe" [2007-06-13 17:03]
"ASUS Screen Saver Protector"="C:\Windows\ASScrPro.exe" [2007-06-13 17:03]
"PowerForPhone"="C:\Program Files\PowerForPhone\PowerForPhone.exe" [2007-01-16 00:17]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-25 08:34]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:35]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-09-25 08:34]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
OFFICE One Startup v7.lnk - C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe [2007-09-04 11:31:53]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
OFFICE One Startup v7.lnk - C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe [2007-09-04 11:31:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

R2 ASLDRService;ASLDR Service;C:\Program Files\ATK Hotkey\ASLDRSrv.exe
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys
R3 RTSTOR;USB Mass Storage Device;C:\Windows\system32\drivers\RTSTOR.SYS
R3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\Windows\system32\DRIVERS\snp2sxp.sys
R3 WCPU;WCPU;\??\C:\Program Files\P4G\WCPU.sys
S2 ghaio;ghaio;\??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
S3 lvupdtio;lvupdtio;\??\C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys
S3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
S3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys
S3 TPM;TPM;C:\Windows\system32\drivers\tpm.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb363352-5c45-11dc-b21a-001bfc48379d}]
AutoRun\command- H:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-04 10:35:17 C:\Windows\Tasks\User_Feed_Synchronization-{4465F063-F962-46B2-9E0B-B30357339911}.job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-04 21:09:51
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-04 21:12:35
C:\ComboFix-quarantined-files.txt ... 2007-10-04 21:12
C:\ComboFix2.txt ... 2007-10-04 19:45
.
--- E O F ---

Est-ce que tu as fait cette manip?

Citation :
Copie le texte se situant dans le cadre ci-dessous :

File::
c:\windows\system32\wininit.exe


Ouvre le Bloc-Notes puis colle le texte copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :


Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.

oui j'ai fait ça en premier


puis j'ai refait un scan avec combo ensuite et un nouveau rapport que je t'ai posté


tu voulais le premier rapport ?
faut que je retrouve le fichier CFSCRIPT.TXT ? c'est cleui là que tu veux ?




ici c'est quichland ! désolé

04/10/2007 a 21:23:32,37

*** Recherche C:

*** Recherche C:\Windows\

*** Recherche C:\Windows\system32
C:\Windows\system32\wininit.exe FOUND
C:\Windows\system32\wininit.exe FOUND

*** Recherche C:\Program Files
*** End of the report !


désespérant ! ;o(

Re,

On va essayer autrement.
Si ça ne marche pas cette fois ....

Sélectionne le contenu du cadre ci-dessous :
Files to delete:
C:\Windows\system32\wininit.exe

Copie-colle le contenu précis de ce cadre dans ton bloc note en l’ouvrant.
Il ne doit manquer aucune ligne !

Enregistre ce fichier sur ton bureau que tu renommeras remove.txt



Télécharge The Avenger

Dézippe le sur ton bureau.

Redémarre en mode sans échec.

Lance le en double cliquant sur l’exe puis fais ok.
Sélectionne Load Script from File et clique sur l'cône en forme de dossier à droite.
Sélectionne ton fichier remove.txt se trouvant sur le bureau.

Clique sur le feu vert puis sur oui.

Le programme va te demander de redémarrer ton pc, accepte.

Poste le rapport qui se trouve ici >>C:\avenger.txt<<

-_-

Télécharge Killbox (tuto)
Dézippe-le sur ton bureau.
Sélectionne l’encadré ci-dessous, puis fais clique droit - copier
C:\Windows\system32\wininit.exe

Lance PocketKillBox , va dans "File" puis "Paste from Clipboard" (tu ne verras rien se passer).
Tu peux vérifier dans le menu déroulant que tous les fichiers sont bien présents.
Coche la case "Delete on reboot" + "unregistre dll before deleting" (dans le cas présent, pas de dll donc ..)
Clique sur "all files" et ensuite sur la croix rouge
Réponds yes aux messages qui vont s’afficher.
Si l’ordinateur ne redémarre pas, fais le manuellement.
Après redémarrage, relance Killbox. Va dans "File" puis "Logs" et "Actions History Log".
Poste le rapport.

Pocket Killbox version 2.0.0.648
Running on as jean-michel(Limited Account)
was started @ mardi, octobre 09, 2007, 7:30 AM

# 1 [Delete on Reboot]
Path = C:\Windows\system32\wininit.exe


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 7:35:30 AM
# 2 [Delete on Reboot]
Path = C:\Windows\system32\wininit.exe


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 7:37:01 AM
Pocket Killbox version 2.0.0.648
Running on as jean-michel(Limited Account)
was started @ mardi, octobre 09, 2007, 7:39 AM

salut !
désolé pour le retard mais bon modem a grillé !... donc trois semaine de panne avant que Neuf telecom me change mon modem (j'en ai un tout beau comme ça avec wifif.... mais bon !)

sinon j'ai fait le clean

et j'ai le même rapport :

C:\windows\ystem32\wininit.exe FOUND

Un antivirus moins performant peut quand même trouver des virus qu'un meilleur ne trouvera pas :D 
Cela peut être également une faux positif détecté par avast.
Si tu ne me donnes pas de localisation + nom + extension, je ne peux rien faire..

Antivir est Gratuit et bien mieux qu'avast.

Fais ceci pour te rassurer :

Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer. (Tuto)
Autorise les active x.
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
Colle son rapport ici.
Lassé par la pub ? Créez un compte

Créer un nouveau sujet

Tom's guide dans le monde