Virus infection
Hello, I have only just formatted my PC and within 48 hours I am swamped with viruses. Here is the HijackThis report, please help me.
Logfile of HijackThis v1.99.1
Scan saved at 12:20:48, on 17/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\SM!LE~1.PCT\LOCALS~1\Temp\_PA452\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\uayxilwz.dll
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ADMINI~1.PCT\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\shhfosei.dll",sitypnow
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fff754e0970b4a99bebe5a5232c46d3b
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fff754e0970b4a99bebe5a5232c46d3b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O15 - Trusted Zone: http://www.01net.com
O15 - Trusted Zone: http://www.google.fr
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: sockspy.dll sockspy.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ksudldbe.exe (file missing)
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Hello and welcome.
What exactly did you reinstall?
~Download VundoFix.exe (by Atribune) to your Desktop.
http://www.atribune.org/ccount/click.php?id=4
Double-click VundoFix.exe to launch it.
Click the Scan for Vundo button.
~When the scan is complete, click the Remove Vundo button.
A prompt will ask whether you want to delete the files; click YES.
After you click "Yes", the Desktop will disappear for a moment while the files are deleted.
You will see a prompt announcing that your PC is going to restart; click OK.
~Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply.
Note: VundoFix may come across a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".
Logfile of HijackThis v1.99.1
Scan saved at 13:31:43, on 17/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\SM!LE~1.PCT\LOCALS~1\Temp\_PA3\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ADMINI~1.PCT\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fff754e0970b4a99bebe5a5232c46d3b
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fff754e0970b4a99bebe5a5232c46d3b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O15 - Trusted Zone: http://www.01net.com
O15 - Trusted Zone: http://www.google.fr
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ksudldbe.exe (file missing)
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
and the Vundo report
VundoFix V6.5.10
Checking Java version...
Scan started at 13:07:14 17/08/2007
Listing files found while scanning....
C:\WINDOWS\system32\iesofhhs.ini
C:\WINDOWS\system32\mdhbbrll.dll
C:\WINDOWS\system32\shhfosei.dll
C:\WINDOWS\system32\uayxilwz.dll
C:\WINDOWS\system32\wvursss.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\iesofhhs.ini
C:\WINDOWS\system32\iesofhhs.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\mdhbbrll.dll
C:\WINDOWS\system32\mdhbbrll.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\uayxilwz.dll
C:\WINDOWS\system32\uayxilwz.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wvursss.dll
C:\WINDOWS\system32\wvursss.dll Could not be deleted.
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\system32\wvursss.dll
C:\WINDOWS\system32\wvursss.dll Has been deleted!
Performing Repairs to the registry.
Done!
ok
Download Combofix by sUBs:
combofix.exe
and save it to your desktop and nowhere else!
Double-click combofix. It will ask you a question; answer by pressing the 1 key, then wait until combofix has finished. Your PC may reboot, which is normal. A report will be created. Post the report.
Add a new HijackThis report.
ComboFix 07-10-17.8@ - Sm!Le 2007-08-17 18:11:17.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.220 [GMT 0:00]
Running from: C:\Documents and Settings\Sm!Le.PCTITAN\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Hammer.dll
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\kkjjl.bak1
C:\WINDOWS\system32\kkjjl.bak1
C:\WINDOWS\system32\kkjjl.bak2
C:\WINDOWS\system32\kkjjl.bak2
C:\WINDOWS\system32\kkjjl.ini
C:\WINDOWS\system32\kkjjl.ini
C:\WINDOWS\system32\ljjkk.dll
C:\WINDOWS\system32\ljjkk.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((((((( Fichiers créés 2007-09-17 to 2007-10-17 ))))))))))))))))))))))))))))))))))))
.
2007-10-17 18:12 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-10-16 21:20 <REP> d-------- C:\Documents and Settings\Sm!Le.PCTITAN\Application Data\OpenOffice.org2
2007-10-16 21:16 <REP> d-------- C:\Program Files\OpenOffice.org 2.0
2007-10-16 18:46 72,704 --------- C:\WINDOWS\system32\dllcache\hlink.dll
2007-10-16 18:25 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Messenger Plus!
2007-10-16 17:12 <REP> d-------- C:\Documents and Settings\Sm!Le.PCTITAN\Contacts
2007-10-16 17:07 <REP> d-------- C:\Program Files\Windows Live Favorites
2007-10-16 17:07 <REP> d-------- C:\Program Files\Windows Live
2007-10-16 17:07 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-10-16 17:05 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Live Toolbar
2007-10-16 17:05 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-10-16 17:05 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-10-16 17:04 1,712,984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-10-16 17:04 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-10-16 17:04 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-10-16 17:04 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-10-16 17:04 53,080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-10-16 17:04 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-10-16 17:04 33,624 --a------ C:\WINDOWS\system32\wups.dll
2007-10-16 17:04 25,944 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-10-16 17:02 <REP> d-------- C:\Program Files\Windows Live Toolbar
2007-10-16 17:01 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-10-16 17:00 <REP> d-------- C:\Program Files\MSN Messenger
2007-10-16 14:18 <REP> d-------- C:\Documents and Settings\Sm!Le.PCTITAN\Application Data\Talkback
2007-10-16 14:17 0 --a------ C:\WINDOWS\nsreg.dat
2007-10-16 14:16 <REP> d-------- C:\Program Files\mozilla.org
2007-10-16 02:30 <REP> d-------- C:\Documents and Settings\Sm!Le.PCTITAN\Bluetooth Software
2007-10-16 02:29 <REP> d--h----- C:\Documents and Settings\Sm!Le.PCTITAN\Voisinage réseau
2007-10-16 02:29 <REP> d--h----- C:\Documents and Settings\Sm!Le.PCTITAN\Voisinage d'impression
2007-10-16 02:29 <REP> d--h----- C:\Documents and Settings\Sm!Le.PCTITAN\Modèles
2007-10-16 02:29 <REP> dr------- C:\Documents and Settings\Sm!Le.PCTITAN\Mes documents
2007-10-16 02:29 <REP> dr------- C:\Documents and Settings\Sm!Le.PCTITAN\Menu Démarrer
2007-10-16 02:29 <REP> dr------- C:\Documents and Settings\Sm!Le.PCTITAN\Favoris
2007-10-16 02:29 <REP> d-------- C:\Documents and Settings\Sm!Le.PCTITAN\Bureau
2007-10-15 20:30 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-10-15 20:29 154,112 --a------ C:\WINDOWS\system32\irftp.exe
2007-10-15 20:29 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2007-10-15 20:29 58,496 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-10-15 20:29 36,937 --a------ C:\WINDOWS\system32\drivers\smcirda.sys
2007-10-15 20:29 28,160 --a------ C:\WINDOWS\system32\irmon.dll
2007-10-15 20:29 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2007-10-15 20:29 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2007-10-15 20:29 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-10-15 20:28 77,312 --a------ C:\WINDOWS\system32\usbui.dll
2007-10-15 20:28 42,368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS
2007-10-15 20:28 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2007-10-15 20:28 14,080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys
2007-10-15 20:28 14,080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-10-15 20:28 9,344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-10-15 20:28 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2007-10-15 20:26 <REP> d--h----- C:\Documents and Settings\Default User.WINDOWS\Voisinage réseau
2007-10-15 20:26 <REP> d--h----- C:\Documents and Settings\Default User.WINDOWS\Voisinage d'impression
2007-10-15 20:26 <REP> d--h----- C:\Documents and Settings\Default User.WINDOWS\Modèles
2007-10-15 20:26 <REP> d-------- C:\Documents and Settings\Default User.WINDOWS\Mes documents
2007-10-15 20:26 <REP> dr------- C:\Documents and Settings\Default User.WINDOWS\Menu Démarrer
2007-10-15 20:26 <REP> d-------- C:\Documents and Settings\Default User.WINDOWS\Favoris
2007-10-15 20:26 <REP> d-------- C:\Documents and Settings\Default User.WINDOWS\Bureau
2007-10-15 20:26 <REP> d--h----- C:\Documents and Settings\All Users.WINDOWS\Modèles
2007-10-15 20:26 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer
2007-10-15 20:26 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Favoris
2007-10-15 20:26 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Documents
2007-10-15 20:26 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Bureau
2007-10-15 19:38 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll
2007-10-15 19:38 991,232 --a------ C:\WINDOWS\system32\virtear.dll
2007-10-15 19:38 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
2007-10-15 19:38 65,536 --a------ C:\WINDOWS\system32\Audio3d.dll
2007-10-15 19:38 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
2007-10-15 19:38 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
2007-10-15 19:38 30,208 --a------ C:\WINDOWS\system32\wdmioctl.dll
2007-10-15 19:28 208,896 --a------ C:\WINDOWS\system32\wmpns.dll
2007-10-15 19:24 53,248 --a------ C:\WINDOWS\iwlandrvxpver.dll
2007-10-15 19:05 371,712 --------- C:\WINDOWS\system32\drivers\BCMWL5.SYS
2007-10-15 19:05 176,128 --------- C:\WINDOWS\system32\bcmwlu00.EXE
2007-10-15 19:05 81,920 --a------ C:\WINDOWS\system32\SynTPCo2.dll
2007-10-15 19:05 69,632 --------- C:\WINDOWS\system32\bcmwlD2K.EXE
2007-10-15 19:03 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-10-15 19:03 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-10-15 19:03 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-10-15 19:02 <REP> d-------- C:\Documents and Settings\Administrateur.PCTITAN\Bluetooth Software
2007-10-15 18:53 <REP> d-------- C:\Program Files\Synaptics
2007-10-15 18:53 186,016 --a------ C:\WINDOWS\system32\drivers\SynTP.sys
2007-10-15 18:53 114,688 --a------ C:\WINDOWS\system32\SynCtrl.dll
2007-10-15 18:53 90,202 --a------ C:\WINDOWS\system32\SynTPAPI.dll
2007-10-15 18:53 77,917 --a------ C:\WINDOWS\system32\SynCOM.dll
2007-10-15 18:53 77,824 --a------ C:\WINDOWS\system32\SynTPCoI.dll
2007-10-15 18:53 69,722 --a------ C:\WINDOWS\system32\SynTPFcs.dll
2007-10-15 18:46 <REP> d-------- C:\Program Files\TagRename
2007-10-15 18:46 59,472 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-10-15 18:46 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-10-15 18:46 14,320 --a------ C:\WINDOWS\system32\drivers\wg6n.sys
2007-10-15 18:46 14,320 --a------ C:\WINDOWS\system32\drivers\wg5n.sys
2007-10-15 18:46 14,320 --a------ C:\WINDOWS\system32\drivers\wg4n.sys
2007-10-15 18:46 14,320 --a------ C:\WINDOWS\system32\drivers\wg3n.sys
2007-10-15 18:45 <REP> d-------- C:\Program Files\Sygate
2007-10-15 18:45 <REP> d-------- C:\Program Files\PowerArchiver
2007-10-15 18:44 <REP> d-------- C:\Program Files\TorrentStorm
2007-10-15 18:43 <REP> d-------- C:\Program Files\Java
2007-10-15 18:39 <REP> d--h----- C:\Documents and Settings\Administrateur.PCTITAN\Voisinage réseau
2007-10-15 18:39 <REP> d--h----- C:\Documents and Settings\Administrateur.PCTITAN\Voisinage d'impression
2007-10-15 18:39 <REP> d--h----- C:\Documents and Settings\Administrateur.PCTITAN\Modèles
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-16 02:26 61,440 ----a-w C:\WINDOWS\system32\sockspy.dll
2007-10-15 18:45 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-10-15 18:44 --------- d-----w C:\Program Files\Ant Movie Catalog
2007-10-13 21:08 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-10-13 21:08 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-10-13 19:27 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-10-13 19:26 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-10-13 19:17 --------- d-----w C:\Program Files\OutilsTITAN
2007-10-13 19:14 --------- d-----w C:\Program Files\Services en ligne
2007-10-13 19:14 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-08-17 00:37 389,184 ----a-w C:\WINDOWS\system32\sfcwhfkp.exe
2007-08-17 00:25 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\ConeXware
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 15:30]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-06-30 14:56]
"BDMCon"="C:\Program Files\Softwin\BitDefender8\\bdmcon.exe" [2007-10-16 02:26]
"BDOESRV"="C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe" [2007-10-16 02:26]
"BDNewsAgent"="C:\Program Files\Softwin\BitDefender8\\bdnagent.exe" [2007-10-16 02:26]
"BDSwitchAgent"="C:\Program Files\Softwin\BitDefender8\\bdswitch.exe" [2007-10-16 02:26]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 16:40]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 16:38]
"UIUCU"="C:\DOCUME~1\ADMINI~1.PCT\LOCALS~1\Temp\UIUCU.exe" [2004-07-08 07:43]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 13:24 C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-01-20 19:10]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 07:11]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-09-23 10:41]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 10:55]
"PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [2007-03-20 20:39]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"=1 (0x1)
"NoSMBalloonTip"=0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"=1 (0x1)
"NoSMBalloonTip"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\ljjkk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService Alerter WebClient LmHosts upnphost SSDPSRV
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-10-16 20:35:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-17 18:17:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-10-17 18:18:04 - machine was rebooted
.
--- E O F ---
There you go, thanks a lot for your help!