Problème avec le Win32 [Résolu]

Xtrem2811

17 Février 2008 12:34:35

Bonjour,
Qaund je click pour démarrer mon antivirus j'ai un message qui s'affiche et qui me dit que C:\Program Files\Alwil Software\Avast4\ashAvast.exe n'est pas une application Win32 valide.
Qu'est que je dois faire svp
Merci d'avance.

Autres pages sur : probleme win32 resolu

| Etre averti des réponses
| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 12:37:17

Bonjour,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combo-fix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combo-fix.exe afin de le lancer.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 12:50:18

Re,
voici le rapport de ComboFix :

ComboFix 08-02-15.1 - Mi©K 2008-02-17 13:41:42.5 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.604 [GMT 1:00]
Endroit: C:\Documents and Settings\Mi©K\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\100453.exe
C:\WINDOWS\system32\drivers\down\101343.exe
C:\WINDOWS\system32\drivers\down\101671.exe
C:\WINDOWS\system32\drivers\down\102171.exe
C:\WINDOWS\system32\drivers\down\103109.exe
C:\WINDOWS\system32\drivers\down\103156.exe
C:\WINDOWS\system32\drivers\down\103484.exe
C:\WINDOWS\system32\drivers\down\103609.exe
C:\WINDOWS\system32\drivers\down\104015.exe
C:\WINDOWS\system32\drivers\down\104734.exe
C:\WINDOWS\system32\drivers\down\105890.exe
C:\WINDOWS\system32\drivers\down\106296.exe
C:\WINDOWS\system32\drivers\down\107859.exe
C:\WINDOWS\system32\drivers\down\108875.exe
C:\WINDOWS\system32\drivers\down\110078.exe
C:\WINDOWS\system32\drivers\down\111031.exe
C:\WINDOWS\system32\drivers\down\111515.exe
C:\WINDOWS\system32\drivers\down\111593.exe
C:\WINDOWS\system32\drivers\down\112531.exe
C:\WINDOWS\system32\drivers\down\112828.exe
C:\WINDOWS\system32\drivers\down\113218.exe
C:\WINDOWS\system32\drivers\down\114828.exe
C:\WINDOWS\system32\drivers\down\115437.exe
C:\WINDOWS\system32\drivers\down\115875.exe
C:\WINDOWS\system32\drivers\down\116500.exe
C:\WINDOWS\system32\drivers\down\117234.exe
C:\WINDOWS\system32\drivers\down\118296.exe
C:\WINDOWS\system32\drivers\down\118968.exe
C:\WINDOWS\system32\drivers\down\120468.exe
C:\WINDOWS\system32\drivers\down\120640.exe
C:\WINDOWS\system32\drivers\down\120734.exe
C:\WINDOWS\system32\drivers\down\121140.exe
C:\WINDOWS\system32\drivers\down\121531.exe
C:\WINDOWS\system32\drivers\down\122812.exe
C:\WINDOWS\system32\drivers\down\123281.exe
C:\WINDOWS\system32\drivers\down\123343.exe
C:\WINDOWS\system32\drivers\down\123734.exe
C:\WINDOWS\system32\drivers\down\123953.exe
C:\WINDOWS\system32\drivers\down\124484.exe
C:\WINDOWS\system32\drivers\down\125593.exe
C:\WINDOWS\system32\drivers\down\126218.exe
C:\WINDOWS\system32\drivers\down\126250.exe
C:\WINDOWS\system32\drivers\down\126281.exe
C:\WINDOWS\system32\drivers\down\126703.exe
C:\WINDOWS\system32\drivers\down\126984.exe
C:\WINDOWS\system32\drivers\down\127234.exe
C:\WINDOWS\system32\drivers\down\128241875.exe
C:\WINDOWS\system32\drivers\down\128734.exe
C:\WINDOWS\system32\drivers\down\129671.exe
C:\WINDOWS\system32\drivers\down\130546.exe
C:\WINDOWS\system32\drivers\down\131125.exe
C:\WINDOWS\system32\drivers\down\132171.exe
C:\WINDOWS\system32\drivers\down\132390.exe
C:\WINDOWS\system32\drivers\down\133843.exe
C:\WINDOWS\system32\drivers\down\134250.exe
C:\WINDOWS\system32\drivers\down\134781.exe
C:\WINDOWS\system32\drivers\down\135312.exe
C:\WINDOWS\system32\drivers\down\136390.exe
C:\WINDOWS\system32\drivers\down\136484.exe
C:\WINDOWS\system32\drivers\down\138078.exe
C:\WINDOWS\system32\drivers\down\138515.exe
C:\WINDOWS\system32\drivers\down\139546.exe
C:\WINDOWS\system32\drivers\down\139750.exe
C:\WINDOWS\system32\drivers\down\141375.exe
C:\WINDOWS\system32\drivers\down\143156.exe
C:\WINDOWS\system32\drivers\down\143218.exe
C:\WINDOWS\system32\drivers\down\145296.exe
C:\WINDOWS\system32\drivers\down\145359.exe
C:\WINDOWS\system32\drivers\down\146406.exe
C:\WINDOWS\system32\drivers\down\14679015.exe
C:\WINDOWS\system32\drivers\down\14691890.exe
C:\WINDOWS\system32\drivers\down\14694906.exe
C:\WINDOWS\system32\drivers\down\146968.exe
C:\WINDOWS\system32\drivers\down\14712968.exe
C:\WINDOWS\system32\drivers\down\14712984.exe
C:\WINDOWS\system32\drivers\down\14717656.exe
C:\WINDOWS\system32\drivers\down\14719390.exe
C:\WINDOWS\system32\drivers\down\14721765.exe
C:\WINDOWS\system32\drivers\down\14723656.exe
C:\WINDOWS\system32\drivers\down\14733625.exe
C:\WINDOWS\system32\drivers\down\14736078.exe
C:\WINDOWS\system32\drivers\down\14736984.exe
C:\WINDOWS\system32\drivers\down\14737156.exe
C:\WINDOWS\system32\drivers\down\14737390.exe
C:\WINDOWS\system32\drivers\down\14739609.exe
C:\WINDOWS\system32\drivers\down\14740984.exe
C:\WINDOWS\system32\drivers\down\147515.exe
C:\WINDOWS\system32\drivers\down\14767734.exe
C:\WINDOWS\system32\drivers\down\14770328.exe
C:\WINDOWS\system32\drivers\down\149703.exe
C:\WINDOWS\system32\drivers\down\150812.exe
C:\WINDOWS\system32\drivers\down\151593.exe
C:\WINDOWS\system32\drivers\down\151984.exe
C:\WINDOWS\system32\drivers\down\153734.exe
C:\WINDOWS\system32\drivers\down\158218.exe
C:\WINDOWS\system32\drivers\down\160859.exe
C:\WINDOWS\system32\drivers\down\161671.exe
C:\WINDOWS\system32\drivers\down\163718.exe
C:\WINDOWS\system32\drivers\down\166953.exe
C:\WINDOWS\system32\drivers\down\171343.exe
C:\WINDOWS\system32\drivers\down\171515.exe
C:\WINDOWS\system32\drivers\down\172015.exe
C:\WINDOWS\system32\drivers\down\179109.exe
C:\WINDOWS\system32\drivers\down\187765.exe
C:\WINDOWS\system32\drivers\down\190265.exe
C:\WINDOWS\system32\drivers\down\195515.exe
C:\WINDOWS\system32\drivers\down\201125.exe
C:\WINDOWS\system32\drivers\down\201921.exe
C:\WINDOWS\system32\drivers\down\203343.exe
C:\WINDOWS\system32\drivers\down\206031.exe
C:\WINDOWS\system32\drivers\down\206546.exe
C:\WINDOWS\system32\drivers\down\208359.exe
C:\WINDOWS\system32\drivers\down\208796.exe
C:\WINDOWS\system32\drivers\down\209484.exe
C:\WINDOWS\system32\drivers\down\213296.exe
C:\WINDOWS\system32\drivers\down\215312.exe
C:\WINDOWS\system32\drivers\down\215328.exe
C:\WINDOWS\system32\drivers\down\220203.exe
C:\WINDOWS\system32\drivers\down\250062.exe
C:\WINDOWS\system32\drivers\down\255718.exe
C:\WINDOWS\system32\drivers\down\29179546.exe
C:\WINDOWS\system32\drivers\down\29189375.exe
C:\WINDOWS\system32\drivers\down\29192578.exe
C:\WINDOWS\system32\drivers\down\29206265.exe
C:\WINDOWS\system32\drivers\down\29206281.exe
C:\WINDOWS\system32\drivers\down\29210625.exe
C:\WINDOWS\system32\drivers\down\29212031.exe
C:\WINDOWS\system32\drivers\down\29213640.exe
C:\WINDOWS\system32\drivers\down\29215734.exe
C:\WINDOWS\system32\drivers\down\29220296.exe
C:\WINDOWS\system32\drivers\down\29222546.exe
C:\WINDOWS\system32\drivers\down\29222750.exe
C:\WINDOWS\system32\drivers\down\29223093.exe
C:\WINDOWS\system32\drivers\down\29223531.exe
C:\WINDOWS\system32\drivers\down\29224937.exe
C:\WINDOWS\system32\drivers\down\29226187.exe
C:\WINDOWS\system32\drivers\down\29252281.exe
C:\WINDOWS\system32\drivers\down\29254156.exe
C:\WINDOWS\system32\drivers\down\43663328.exe
C:\WINDOWS\system32\drivers\down\43665312.exe
C:\WINDOWS\system32\drivers\down\43667171.exe
C:\WINDOWS\system32\drivers\down\43670968.exe
C:\WINDOWS\system32\drivers\down\43684156.exe
C:\WINDOWS\system32\drivers\down\43684656.exe
C:\WINDOWS\system32\drivers\down\43688593.exe
C:\WINDOWS\system32\drivers\down\43690234.exe
C:\WINDOWS\system32\drivers\down\43691734.exe
C:\WINDOWS\system32\drivers\down\43695796.exe
C:\WINDOWS\system32\drivers\down\43701203.exe
C:\WINDOWS\system32\drivers\down\43703687.exe
C:\WINDOWS\system32\drivers\down\43704734.exe
C:\WINDOWS\system32\drivers\down\43705125.exe
C:\WINDOWS\system32\drivers\down\43705515.exe
C:\WINDOWS\system32\drivers\down\43707156.exe
C:\WINDOWS\system32\drivers\down\43711593.exe
C:\WINDOWS\system32\drivers\down\43737890.exe
C:\WINDOWS\system32\drivers\down\43739921.exe
C:\WINDOWS\system32\drivers\down\54984.exe
C:\WINDOWS\system32\drivers\down\55031.exe
C:\WINDOWS\system32\drivers\down\58152484.exe
C:\WINDOWS\system32\drivers\down\58168125.exe
C:\WINDOWS\system32\drivers\down\58171296.exe
C:\WINDOWS\system32\drivers\down\58189562.exe
C:\WINDOWS\system32\drivers\down\58189578.exe
C:\WINDOWS\system32\drivers\down\58192984.exe
C:\WINDOWS\system32\drivers\down\58194296.exe
C:\WINDOWS\system32\drivers\down\58199078.exe
C:\WINDOWS\system32\drivers\down\58203703.exe
C:\WINDOWS\system32\drivers\down\58208875.exe
C:\WINDOWS\system32\drivers\down\58211109.exe
C:\WINDOWS\system32\drivers\down\58213187.exe
C:\WINDOWS\system32\drivers\down\58213500.exe
C:\WINDOWS\system32\drivers\down\58213906.exe
C:\WINDOWS\system32\drivers\down\58215578.exe
C:\WINDOWS\system32\drivers\down\58216859.exe
C:\WINDOWS\system32\drivers\down\58243125.exe
C:\WINDOWS\system32\drivers\down\58245968.exe
C:\WINDOWS\system32\drivers\down\59171.exe
C:\WINDOWS\system32\drivers\down\61656.exe
C:\WINDOWS\system32\drivers\down\62593.exe
C:\WINDOWS\system32\drivers\down\62812.exe
C:\WINDOWS\system32\drivers\down\63718.exe
C:\WINDOWS\system32\drivers\down\65109.exe
C:\WINDOWS\system32\drivers\down\68078.exe
C:\WINDOWS\system32\drivers\down\69796.exe
C:\WINDOWS\system32\drivers\down\72218.exe
C:\WINDOWS\system32\drivers\down\72781.exe
C:\WINDOWS\system32\drivers\down\73453.exe
C:\WINDOWS\system32\drivers\down\74968.exe
C:\WINDOWS\system32\drivers\down\75468.exe
C:\WINDOWS\system32\drivers\down\77328.exe
C:\WINDOWS\system32\drivers\down\77828.exe
C:\WINDOWS\system32\drivers\down\78750.exe
C:\WINDOWS\system32\drivers\down\78796.exe
C:\WINDOWS\system32\drivers\down\79812.exe
C:\WINDOWS\system32\drivers\down\80078.exe
C:\WINDOWS\system32\drivers\down\84718.exe
C:\WINDOWS\system32\drivers\down\85000.exe
C:\WINDOWS\system32\drivers\down\85171.exe
C:\WINDOWS\system32\drivers\down\86203.exe
C:\WINDOWS\system32\drivers\down\86718.exe
C:\WINDOWS\system32\drivers\down\86937.exe
C:\WINDOWS\system32\drivers\down\88750.exe
C:\WINDOWS\system32\drivers\down\89906.exe
C:\WINDOWS\system32\drivers\down\90875.exe
C:\WINDOWS\system32\drivers\down\92109.exe
C:\WINDOWS\system32\drivers\down\92609.exe
C:\WINDOWS\system32\drivers\down\94250.exe
C:\WINDOWS\system32\drivers\down\94750.exe
C:\WINDOWS\system32\drivers\down\94953.exe
C:\WINDOWS\system32\drivers\down\96390.exe
C:\WINDOWS\system32\drivers\down\96593.exe
C:\WINDOWS\system32\drivers\down\97343.exe
C:\WINDOWS\system32\drivers\down\98062.exe
C:\WINDOWS\system32\drivers\down\98640.exe
C:\WINDOWS\system32\drivers\down\99359.exe
C:\WINDOWS\system32\drivers\down\99406.exe
C:\WINDOWS\system32\drivers\down\99921.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_SROSA
-------\srosa

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-17 to 2008-02-17 ))))))))))))))))))))))))))))))))))))
.

2008-02-17 13:39 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-17 13:39 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-17 13:39 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-17 13:39 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-17 13:39 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-17 13:39 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-17 13:38 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-17 12:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-17 12:30 . 2008-02-17 12:30 <REP> d-------- C:\WINDOWS\Sun
2008-02-17 12:08 . 2008-02-17 12:42 <REP> d-------- C:\Program Files\Java
2008-02-17 12:07 . 2008-02-17 12:07 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-17 11:45 . 2008-02-17 11:48 <REP> d-------- C:\Program Files\LClock
2008-02-15 16:08 . 2008-02-15 16:08 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Emjysoft
2008-02-14 17:42 . 2008-02-14 17:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Emjysoft
2008-02-14 17:39 . 2008-02-14 17:39 <REP> d-------- C:\Program Files\Emjysoft
2008-02-13 20:56 . 2008-02-13 20:57 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-13 17:41 . 2008-02-13 17:41 <REP> dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-02-13 16:06 . 2008-02-13 16:06 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-02-13 16:06 . 2008-02-13 16:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-13 16:06 . 2008-02-13 16:27 59,424 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-13 16:06 . 2008-02-13 16:27 4,384 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-13 16:06 . 2008-02-13 16:27 3,860 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-13 16:06 . 2008-02-13 16:27 1,484 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-13 14:35 . 2008-02-13 14:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-13 14:01 . 2006-03-02 13:00 428,032 --a------ C:\kmd.exe
2008-02-10 14:10 . 2008-02-10 14:10 <REP> d-------- C:\Program Files\id Software
2008-02-10 11:38 . 2008-02-10 11:38 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-02-10 11:09 . 2008-02-10 11:09 319 --a------ C:\WINDOWS\game.ini
2008-02-10 11:05 . 2008-02-10 11:05 <REP> d-------- C:\Program Files\Activision
2008-02-10 10:37 . 2007-08-14 23:16 1,335,296 --a------ C:\WINDOWS\system32\msxml6.dll
2008-02-10 10:37 . 2007-08-14 23:16 2,048 --a------ C:\WINDOWS\system32\msxml6r.dll
2008-02-10 10:36 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
2008-02-10 10:36 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
2008-02-10 10:36 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\WINDOWS\Mozilla
2008-02-03 17:49 . 2008-02-13 17:37 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-03 17:49 . 2008-02-10 13:48 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-02-03 14:35 . 2008-02-03 14:35 <REP> d-------- C:\Fichier texte
2008-02-03 13:37 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-03 12:01 . 2008-02-03 12:03 <REP> d-------- C:\Program Files\Serious Sam 2
2008-02-02 15:11 . 2008-02-02 15:11 <REP> d-------- C:\Program Files\Lavasoft
2008-02-02 15:11 . 2008-02-02 15:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-02 15:09 . 2008-02-02 15:10 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-30 17:20 . 2008-01-30 17:20 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-30 17:20 . 2007-11-29 23:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-30 17:20 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\divx.dll
2008-01-30 17:20 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-01-30 17:20 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-01-30 17:20 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2008-01-30 17:20 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-01-30 17:20 . 2007-11-29 23:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-30 17:20 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-01-30 17:20 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-01-30 17:20 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-01-26 19:45 . 2008-01-26 19:46 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Winamp
2008-01-26 19:45 . 2008-01-26 19:45 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\MiniLyrics
2008-01-25 18:08 . 2008-01-25 18:08 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-01-25 16:57 . 2008-02-13 17:15 <REP> d-------- C:\Documents and Settings\Alexis\Contacts
2008-01-24 21:17 . 2008-01-24 21:19 <REP> d-------- C:\Program Files\TVAnts
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage r‚seau
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage d'impression
2008-01-23 17:10 . 2008-01-06 12:37 <REP> d--h----- C:\Documents and Settings\Alexis\ModŠles
2008-01-23 17:10 . 2008-02-13 17:47 <REP> d---s---- C:\Documents and Settings\Alexis\Mes documents
2008-01-23 17:10 . 2008-01-06 12:45 <REP> dr------- C:\Documents and Settings\Alexis\Menu D‚marrer
2008-01-23 17:10 . 2008-01-23 17:10 <REP> d---s---- C:\Documents and Settings\Alexis\Favoris
2008-01-23 17:10 . 2008-02-13 17:21 <REP> d-------- C:\Documents and Settings\Alexis\Bureau
2008-01-22 20:23 . 2008-01-22 20:23 <REP> d-------- C:\Program Files\Everest Ultimate Edition 2007
2008-01-22 20:22 . 2008-01-22 20:22 <REP> d-------- C:\Program Files\Lavalys
2008-01-20 18:34 . 2008-01-20 18:36 <REP> d-------- C:\WINDOWS\NV3348528.TMP
2008-01-20 18:34 . 2007-12-17 13:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-01-20 18:33 . 2008-01-21 20:00 <REP> dr------- C:\NVIDIA
2008-01-20 18:26 . 2008-01-20 18:28 <REP> d-------- C:\Program Files\PhotoFiltre
2008-01-20 18:25 . 2004-10-08 11:59 326,656 --a------ C:\WINDOWS\system32\drivers\Camdrl.sys
2008-01-20 18:10 . 2008-01-20 18:10 <REP> d-------- C:\WINDOWS\system32\Lang
2008-01-20 18:10 . 2008-01-20 18:10 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-01-20 18:10 . 2008-01-20 18:10 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 12:38 --------- d-----r C:\Program Files\Alwil Software
2008-02-17 12:35 942,080 ----a-w C:\Program Files\Scanner.exe
2008-02-13 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-02-13 17:09 9,729 ----a-w C:\Program Files\hijackthis.log
2008-02-10 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-03 19:36 --------- d-----w C:\Program Files\Lyrics
2008-02-03 17:14 --------- d-----w C:\Program Files\Steam
2008-02-02 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-22 08:55 --------- d-----r C:\Program Files\Mozilla Thunderbird
2008-01-21 18:58 --------- d-----r C:\Program Files\Intel
2008-01-20 17:24 --------- d-----r C:\Program Files\Logitech
2008-01-16 18:52 --------- d-----w C:\Program Files\Veoh Networks
2008-01-16 14:03 --------- d-----w C:\Program Files\BitTorrent
2008-01-16 14:02 --------- d-----w C:\Program Files\BitTorrent_DNA
2008-01-16 13:57 --------- d-----w C:\Program Files\DivX
2008-01-15 17:58 --------- d-----w C:\Program Files\QuickTime
2008-01-15 17:57 --------- d-----w C:\Program Files\Apple Software Update
2008-01-15 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-15 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-01-13 17:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-01-13 17:19 --------- d-----r C:\Program Files\Yahoo!
2008-01-13 17:06 --------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2008-01-13 17:04 --------- d-----w C:\Program Files\Common Files
2008-01-13 16:55 --------- d-----w C:\Program Files\Samsung
2008-01-10 19:38 --------- d-----w C:\Program Files\StuffPlug3
2008-01-10 17:46 --------- d-----w C:\Program Files\Microsoft Works
2008-01-10 17:45 --------- d-----w C:\Program Files\MSBuild
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-09 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-01-08 19:24 --------- d-----w C:\Program Files\Nero
2008-01-08 19:24 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-07 18:35 --------- d-----w C:\Program Files\Dofus
2008-01-07 17:48 --------- d-----r C:\Program Files\Windows Live
2008-01-07 13:39 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-07 13:38 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-06 17:42 --------- d-----w C:\Program Files\KONAMI
2008-01-06 16:57 --------- d-----w C:\Program Files\Fichiers communs\FotoWire
2008-01-06 16:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-01-06 16:55 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2008-01-06 16:43 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
2008-01-06 16:43 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-06 16:41 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-06 16:36 128 --sha-w C:\Program Files\desktop.ini
2008-01-06 16:36 --------- d-----w C:\Program Files\CaptEcran
2008-01-06 16:30 --------- d-----w C:\Program Files\Sony
2008-01-06 16:29 --------- d-----r C:\Program Files\OVAO
2008-01-06 15:42 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-01-06 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-01-06 15:26 --------- d-----w C:\Program Files\Minilyrics
2008-01-06 15:11 --------- d-----r C:\Program Files\Winamp
2008-01-06 15:05 --------- d-----w C:\Program Files\ma-config.com
2008-01-06 14:52 --------- d-----w C:\Program Files\AdVantage
2008-01-06 14:47 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-01-06 14:43 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-06 14:42 128 --sha-w C:\Program Files\Fichiers communs\desktop.ini
2008-01-06 14:42 --------- d-----r C:\Program Files\Winamp Remote
2008-01-06 14:42 --------- d-----r C:\Program Files\Webteh
2008-01-06 14:42 --------- d-----r C:\Program Files\Wanadoo
2008-01-06 14:42 --------- d-----r C:\Program Files\VideoLAN
2008-01-06 14:42 --------- d-----r C:\Program Files\Stardock
2008-01-06 14:42 --------- d-----r C:\Program Files\SAGEM
2008-01-06 14:42 --------- d-----r C:\Program Files\Realtek
2008-01-06 14:42 --------- d-----r C:\Program Files\My Company Name
2008-01-06 14:42 --------- d-----r C:\Program Files\microsoft frontpage
2008-01-06 14:42 --------- d-----r C:\Program Files\Messenger Plus! Live
2008-01-06 14:42 --------- d-----r C:\Program Files\GameFace Messenger
2008-01-06 14:42 --------- d-----r C:\Program Files\CCleaner
2008-01-06 14:42 --------- d-----r C:\Program Files\Attansic
2008-01-06 14:42 --------- d-----r C:\Program Files\ASUS
2008-01-06 14:39 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
2008-01-06 14:26 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-01-06 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-01-06 13:43 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-01-06 13:34 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-06 12:28 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-06 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-06 11:53 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-01-06 11:53 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-06 11:40 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-17 23:43 23,396 ----a-w C:\WINDOWS\system32\drivers\klopp.dat
2007-06-07 08:14 165,888 ----a-w C:\Program Files\ToYcon.exe
2004-03-11 15:32 439,296 ----a-w C:\Program Files\JADgen.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2007-05-17 12:11 5729136]
"tr_winamp"="C:\Program Files\Winamp\winamp.exe" [2007-12-20 16:17 1327616]
"LClock"="C:\Program Files\LClock\lclock.exe" [2004-09-19 19:27 65536]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-01-06 16:42 190024]
"Emjysoft_Anti-spam"="C:\Program Files\Emjysoft\Anti-Spam\antispam.exe" [2007-05-10 16:29 1049088]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-02-17 13:43 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= 1

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnmmj]
nnnnmmj.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
backup=C:\WINDOWS\pss\RocketDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\TransBar.lnk
backup=C:\WINDOWS\pss\TransBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk
backup=C:\WINDOWS\pss\UberIcon.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
--a------ 2004-12-14 02:12 483328 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
--a------ 2007-06-28 15:19 880080 C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-03 04:43 69632 C:\WINDOWS\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2006-08-18 18:58 1081344 C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2006-03-02 13:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2007-12-15 11:02 482760 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameFace Messenger]
--a------ 2006-08-02 16:06 2048000 C:\Program Files\GameFace Messenger\GameFace.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-01-06 17:55 20480 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2002-11-08 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2007-12-18 02:02 471040 C:\Program Files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2006-08-01 05:10 16049664 C:\WINDOWS\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-ra------ 2006-05-16 04:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-01-10 20:26 1266936 c:\program files\steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook]
C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook Express & Windows Mail]
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_Oe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 13:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMAAD]
--a------ 2007-02-16 18:41 110592 C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 16:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-27 22:28]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2005-09-27 10:02]
S1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 16:25]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
S3 PhilCam8116_XP;Logitech QuickCam Pro 3000(PID_08B1);C:\WINDOWS\system32\DRIVERS\CamDrL20.sys [2004-05-21 20:16]

*Newly Created Service* - ASWUPDSV
*Newly Created Service* - AVAST!_ANTIVIRUS
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-01-31 20:51:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-06 16:46:02 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1199637940.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-17 13:45:56
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
-> C:\Program Files\LClock\LC.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-17 13:48:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-17 12:48:44
ComboFix2.txt 2008-02-13 16:55:29
ComboFix3.txt 2008-02-13 14:38:49
.
2008-02-13 19:58:12 --- E O F ---

| Alerter

Répondre à Xtrem2811

Xtrem2811

17 Février 2008 13:16:32

Qu'est que je dois faire maintenant s'il vous plait ?

| Alerter

Répondre à Xtrem2811

Xtrem2811

17 Février 2008 14:00:53

Voici un log hijackthis au cas où vous en auriez besoin :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:59, on 2008-02-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Emjysoft\Anti-Spam\antispam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\LClock\lclock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Documents and Settings\Mi©K\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Emjysoft_Anti-spam] C:\Program Files\Emjysoft\Anti-Spam\antispam.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 10102 bytes

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 14:45:37

Un peu de patience ?
Supprime ta version de Combofix puis recommence avec la version suivante :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 15:37:41

Désolé.
Voici le nouveau rapport combofix :

ComboFix 08-02-17.2 - Mi©K 2008-02-17 16:32:53.6 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.459 [GMT 1:00]
Endroit: C:\Documents and Settings\Mi©K\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés 2008-01-17 to 2008-02-17 ))))))))))))))))))))))))))))))))))))
.

2008-02-17 14:53 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-17 14:53 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-17 14:53 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-17 14:53 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-17 14:53 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-17 14:53 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-17 14:53 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-17 13:33 . 2007-06-28 14:36 401,720 --a------ C:\Program Files\HijackThis.exe
2008-02-17 12:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-17 12:30 . 2008-02-17 12:30 <REP> d-------- C:\WINDOWS\Sun
2008-02-17 12:08 . 2008-02-17 12:42 <REP> d-------- C:\Program Files\Java
2008-02-17 12:07 . 2008-02-17 12:07 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-17 11:45 . 2008-02-17 11:48 <REP> d-------- C:\Program Files\LClock
2008-02-15 16:08 . 2008-02-15 16:08 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Emjysoft
2008-02-14 17:42 . 2008-02-14 17:42 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\Emjysoft
2008-02-14 17:42 . 2008-02-14 17:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Emjysoft
2008-02-14 17:39 . 2008-02-14 17:39 <REP> d-------- C:\Program Files\Emjysoft
2008-02-13 17:41 . 2008-02-13 17:41 <REP> dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-02-13 16:06 . 2008-02-13 16:06 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-02-13 16:06 . 2008-02-13 16:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-13 16:06 . 2008-02-13 16:27 59,424 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-13 16:06 . 2008-02-13 16:27 4,384 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-13 16:06 . 2008-02-13 16:27 3,860 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-13 16:06 . 2008-02-13 16:27 1,484 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-13 14:35 . 2008-02-13 14:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-10 14:10 . 2008-02-10 14:10 <REP> d-------- C:\Program Files\id Software
2008-02-10 11:38 . 2008-02-10 11:38 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-02-10 11:09 . 2008-02-10 11:09 319 --a------ C:\WINDOWS\game.ini
2008-02-10 11:05 . 2008-02-10 11:05 <REP> d-------- C:\Program Files\Activision
2008-02-10 10:37 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\VadeRetro
2008-02-10 10:37 . 2007-08-14 23:16 1,335,296 --a------ C:\WINDOWS\system32\msxml6.dll
2008-02-10 10:37 . 2007-08-14 23:16 2,048 --a------ C:\WINDOWS\system32\msxml6r.dll
2008-02-10 10:36 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
2008-02-10 10:36 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
2008-02-10 10:36 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\WINDOWS\Mozilla
2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\fltk.org
2008-02-03 17:49 . 2008-02-13 17:37 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-03 17:49 . 2008-02-10 13:48 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-02-03 14:35 . 2008-02-03 14:35 <REP> d-------- C:\Fichier texte
2008-02-03 13:37 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-03 12:01 . 2008-02-03 12:03 <REP> d-------- C:\Program Files\Serious Sam 2
2008-02-02 15:11 . 2008-02-02 15:11 <REP> d-------- C:\Program Files\Lavasoft
2008-02-02 15:11 . 2008-02-02 15:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-02 15:09 . 2008-02-02 15:10 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-30 17:20 . 2008-01-30 17:20 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-30 17:20 . 2007-11-29 23:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-30 17:20 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\divx.dll
2008-01-30 17:20 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-01-30 17:20 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-01-30 17:20 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2008-01-30 17:20 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-01-30 17:20 . 2007-11-29 23:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-30 17:20 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-01-30 17:20 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-01-30 17:20 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-01-26 19:45 . 2008-01-26 19:46 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Winamp
2008-01-26 19:45 . 2008-01-26 19:45 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\MiniLyrics
2008-01-25 18:08 . 2008-01-25 18:08 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-01-25 16:57 . 2008-02-13 17:15 <REP> d-------- C:\Documents and Settings\Alexis\Contacts
2008-01-24 21:17 . 2008-01-24 21:19 <REP> d-------- C:\Program Files\TVAnts
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage réseau
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage d'impression
2008-01-23 17:10 . 2008-01-06 12:37 <REP> d--h----- C:\Documents and Settings\Alexis\Modèles
2008-01-23 17:10 . 2008-02-13 17:47 <REP> d---s---- C:\Documents and Settings\Alexis\Mes documents
2008-01-23 17:10 . 2008-01-06 12:45 <REP> dr------- C:\Documents and Settings\Alexis\Menu Démarrer
2008-01-23 17:10 . 2008-01-23 17:10 <REP> d---s---- C:\Documents and Settings\Alexis\Favoris
2008-01-23 17:10 . 2008-02-13 17:21 <REP> d-------- C:\Documents and Settings\Alexis\Bureau
2008-01-22 20:23 . 2008-01-22 20:23 <REP> d-------- C:\Program Files\Everest Ultimate Edition 2007
2008-01-22 20:22 . 2008-01-22 20:22 <REP> d-------- C:\Program Files\Lavalys
2008-01-20 18:34 . 2008-01-20 18:36 <REP> d-------- C:\WINDOWS\NV3348528.TMP
2008-01-20 18:34 . 2007-12-17 13:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-01-20 18:33 . 2008-01-21 20:00 <REP> dr------- C:\NVIDIA
2008-01-20 18:26 . 2008-01-20 18:28 <REP> d-------- C:\Program Files\PhotoFiltre
2008-01-20 18:25 . 2004-10-08 11:59 326,656 --a------ C:\WINDOWS\system32\drivers\Camdrl.sys
2008-01-20 18:10 . 2008-01-20 18:10 <REP> d-------- C:\WINDOWS\system32\Lang
2008-01-20 18:10 . 2008-01-20 18:10 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-01-20 18:10 . 2008-01-20 18:10 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 13:53 --------- d-----r C:\Program Files\Alwil Software
2008-02-14 17:39 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\MiniLyrics
2008-02-13 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-02-13 17:09 9,729 ----a-w C:\Program Files\hijackthis.log
2008-02-10 12:14 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\ma-config.com
2008-02-10 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-03 19:36 --------- d-----w C:\Program Files\Lyrics
2008-02-03 17:14 --------- d-----w C:\Program Files\Steam
2008-02-02 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-22 19:53 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\BitTorrent DNA
2008-01-22 08:55 --------- d-----r C:\Program Files\Mozilla Thunderbird
2008-01-21 18:58 --------- d-----r C:\Program Files\Intel
2008-01-20 17:24 --------- d-----r C:\Program Files\Logitech
2008-01-16 18:52 --------- d-----w C:\Program Files\Veoh Networks
2008-01-16 14:05 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\BitTorrent
2008-01-16 14:03 --------- d-----w C:\Program Files\BitTorrent
2008-01-16 14:02 --------- d-----w C:\Program Files\BitTorrent_DNA
2008-01-16 13:57 --------- d-----w C:\Program Files\DivX
2008-01-15 19:47 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Winamp
2008-01-15 17:59 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Apple Computer
2008-01-15 17:58 --------- d-----w C:\Program Files\QuickTime
2008-01-15 17:57 --------- d-----w C:\Program Files\Apple Software Update
2008-01-15 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-15 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-01-13 17:36 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Sony Corporation
2008-01-13 17:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-01-13 17:19 --------- d-----r C:\Program Files\Yahoo!
2008-01-13 17:06 --------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2008-01-13 17:04 --------- d-----w C:\Program Files\Common Files
2008-01-13 17:03 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\InstallShield
2008-01-13 16:55 --------- d-----w C:\Program Files\Samsung
2008-01-12 09:32 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\vlc
2008-01-10 19:38 --------- d-----w C:\Program Files\StuffPlug3
2008-01-10 17:46 --------- d-----w C:\Program Files\Microsoft Works
2008-01-10 17:45 --------- d-----w C:\Program Files\MSBuild
2008-01-09 15:22 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\AdobeUM
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-09 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-01-08 19:26 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Ahead
2008-01-08 19:24 --------- d-----w C:\Program Files\Nero
2008-01-08 19:24 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-07 18:35 --------- d-----w C:\Program Files\Dofus
2008-01-07 17:48 --------- d-----r C:\Program Files\Windows Live
2008-01-07 13:39 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-07 13:38 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-06 17:59 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-01-06 17:59 --------- d--h--r C:\Documents and Settings\Mi©K\Application Data\SecuROM
2008-01-06 17:42 --------- d-----w C:\Program Files\KONAMI
2008-01-06 17:38 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\DAEMON Tools
2008-01-06 16:57 --------- d-----w C:\Program Files\Fichiers communs\FotoWire
2008-01-06 16:57 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\FotoWire
2008-01-06 16:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-01-06 16:55 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2008-01-06 16:46 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Hewlett-Packard
2008-01-06 16:43 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
2008-01-06 16:43 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-06 16:41 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-06 16:36 128 --sha-w C:\Program Files\desktop.ini
2008-01-06 16:36 --------- d-----w C:\Program Files\CaptEcran
2008-01-06 16:32 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\BSplayer Pro
2008-01-06 16:30 --------- d-----w C:\Program Files\Sony
2008-01-06 16:29 --------- d-----r C:\Program Files\OVAO
2008-01-06 15:42 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-01-06 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-01-06 15:26 --------- d-----w C:\Program Files\Minilyrics
2008-01-06 15:11 --------- d-----r C:\Program Files\Winamp
2008-01-06 15:05 --------- d-----w C:\Program Files\ma-config.com
2008-01-06 14:52 --------- d-----w C:\Program Files\AdVantage
2008-01-06 14:47 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-01-06 14:43 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-06 14:39 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
2008-01-06 14:26 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-01-06 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-01-06 13:58 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Thunderbird
2008-01-06 13:43 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-01-06 13:34 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-06 12:28 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-06 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-06 11:53 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-01-06 11:53 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-01-06 11:53 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-17 23:43 23,396 ----a-w C:\WINDOWS\system32\drivers\klopp.dat
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-06-07 08:14 165,888 ----a-w C:\Program Files\ToYcon.exe
2006-06-22 23:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
2004-03-11 15:32 439,296 ----a-w C:\Program Files\JADgen.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2007-05-17 12:11 5729136]
"tr_winamp"="C:\Program Files\Winamp\winamp.exe" [2007-12-20 16:17 1327616]
"LClock"="C:\Program Files\LClock\lclock.exe" [2004-09-19 19:27 65536]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-01-06 16:42 190024]
"Emjysoft_Anti-spam"="C:\Program Files\Emjysoft\Anti-Spam\antispam.exe" [2007-05-10 16:29 1049088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2006-03-02 13:00 160768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

C:\Documents and Settings\Mi¸K\Menu D‚marrer\Programmes\D‚marrage\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-01-06 15:26:09 Mick 3450608]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= 1

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnmmj]
nnnnmmj.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
backup=C:\WINDOWS\pss\RocketDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\TransBar.lnk
backup=C:\WINDOWS\pss\TransBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk
backup=C:\WINDOWS\pss\UberIcon.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
--a------ 2004-12-14 02:12 483328 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
--a------ 2007-06-28 15:19 880080 C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-03 04:43 69632 C:\WINDOWS\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2006-08-18 18:58 1081344 C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2006-03-02 13:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2007-12-15 11:02 482760 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameFace Messenger]
--a------ 2006-08-02 16:06 2048000 C:\Program Files\GameFace Messenger\GameFace.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-01-06 17:55 20480 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2002-11-08 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2007-12-18 02:02 471040 C:\Program Files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2006-08-01 05:10 16049664 C:\WINDOWS\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-ra------ 2006-05-16 04:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-01-10 20:26 1266936 c:\program files\steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook]
C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook Express & Windows Mail]
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_Oe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 13:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMAAD]
--a------ 2007-02-16 18:41 110592 C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 16:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-27 22:28]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2005-09-27 10:02]
S1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 16:25]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
S3 PhilCam8116_XP;Logitech QuickCam Pro 3000(PID_08B1);C:\WINDOWS\system32\DRIVERS\CamDrL20.sys [2004-05-21 20:16]

*Newly Created Service* - ASWUPDSV
*Newly Created Service* - AVAST!_ANTIVIRUS
*Newly Created Service* - AVAST!_MAIL_SCANNER
*Newly Created Service* - AVAST!_WEB_SCANNER
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-31 20:51:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-06 16:46:02 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1199637940.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-17 16:35:22
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
-> C:\Program Files\LClock\LC.dll
.
Temps d'accomplissement: 2008-02-17 16:36:00
ComboFix-quarantined-files.txt 2008-02-17 15:35:51
ComboFix2.txt 2008-02-17 12:48:47
ComboFix3.txt 2008-02-13 16:55:29
ComboFix4.txt 2008-02-13 14:38:49
.
2008-02-13 19:58:12 --- E O F ---

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 15:45:07

Re,

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 16:35:41

Re,
Antivir n'est pas en français ?
Avast l'était ...

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 17:00:49

Il est simple d'utilisation, tu as regardé l'aide ?

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 17:05:41

Oui, je vais le garder je pense il a l'air efficace !
Là je suis en train de faire un scan. Je post le rapport juste après.

| Alerter

Répondre à Xtrem2811

Xtrem2811

17 Février 2008 17:16:05

Est ce que Antivir comporte une protection résidente?
C'est à dire, imaginons je télécharge un fichier infecté est-ce-que Antivir va m'en avertir?

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 17:23:57

Oui bien sûr.

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 17:45:29

Re,

Voici le rapport complet fait par antivir :

AntiVir PersonalEdition Classic
Report file date: 2008-02-17 17:32

Scanning for 1110678 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: COMPUTER

Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 16:31:39
ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 2008-02-08 16:31:39
ANTIVIR3.VDF : 7.0.2.148 201216 Bytes 2008-02-15 16:31:39
AVEWIN32.DLL : 7.6.0.67 3293696 Bytes 2008-02-17 16:31:40
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-02-17 16:31:40
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-02-17 17:32

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
Scan process 'ObjectDock.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'LClock.exe' - '1' Module(s) have been scanned
Scan process 'winamp.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'antispam.exe' - '1' Module(s) have been scanned
Scan process 'MsgPlus.exe' - '1' Module(s) have been scanned
Scan process 'iTouch.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
36 processes with 36 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '23' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\catchme2008-02-13_175257.68.zip
[0] Archive type: ZIP
--> jkklk.dll
[DETECTION] Is the Trojan horse TR/Vundo.gc
--> snubejmr.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '482c68d2.qua'!
C:\QooBox\Quarantine\catchme2008-02-17_134549.54.zip
[0] Archive type: ZIP
--> srosa.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '482c68d7.qua'!
C:\QooBox\Quarantine\C\Program Files\Fichiers communs\StorageProtector\strpmon.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
[INFO] The file was moved to '482a68ee.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\aeximwds.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '483068e1.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\fkgfxqun.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '481f68e9.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\jkklk.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '482368eb.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\lmpjxetp.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '482868ef.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '481d68e8.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\qomjhii.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '482568f5.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\scredir32.dll.vir
[DETECTION] Is the Trojan horse TR/Hijacker.Gen
[INFO] The file was moved to '482a68ea.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\snubejmr.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '482d68f7.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\WinSpooler.exe.vir
[DETECTION] Is the Trojan horse TR/Drop.Agent.cbo
[INFO] The file was moved to '482668f6.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '482668f8.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\WinUpdating.exe.vir
[DETECTION] Is the Trojan horse TR/Agent.fgk.1
[INFO] The file was moved to '482668fa.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '481c68ff.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14679015.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47ee68cc.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\29179546.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e968d6.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\43665312.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47ee68d3.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\54984.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47f168d7.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\55031.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e868da.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\58152484.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e968e0.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\61656.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47ee68db.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\62593.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47ed68de.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\65109.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e968e3.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\69796.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47ef68e9.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\72781.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47ef68e4.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\79812.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47f068ed.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\96593.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47ed68ec.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP125\A0016069.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '47e868f0.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019123.exe
[DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
[INFO] The file was moved to '47e868fc.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019125.dll
[DETECTION] Is the Trojan horse TR/Hijacker.Gen
[INFO] The file was moved to '47e868fe.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019126.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.cbo
[INFO] The file was moved to '47e86900.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019127.exe
[DETECTION] Is the Trojan horse TR/Agent.fgk.1
[INFO] The file was moved to '47e86902.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019129.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47e86903.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019131.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '47e86905.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019133.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '47e86907.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019143.dll
[DETECTION] Is the Trojan horse TR/Vundo.gc
[INFO] The file was moved to '47e86908.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019145.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '47e8690a.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019155.dll
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '47e8690c.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP127\A0019221.exe
[DETECTION] Is the Trojan horse TR/Pakes.bzo
[INFO] The file was moved to '47e86910.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP130\A0020440.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e86930.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP130\A0020517.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e86934.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP130\A0020520.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47e86936.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP130\A0020521.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47e86937.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP131\A0020650.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e8693d.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP132\A0020786.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e86942.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP132\A0020808.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e86944.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP132\A0020869.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e86947.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP132\A0020871.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47e86949.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP132\A0020873.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47e8694c.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP132\A0020891.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e8694d.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP132\A0021013.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47e86950.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021101.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e86953.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021152.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e86955.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021171.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '46967d16.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021189.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e86956.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021190.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '46967d17.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021191.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e86957.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021210.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '46967d18.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021211.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e86958.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021214.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '46967d19.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021216.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '47e8695a.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021218.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '47e86959.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021226.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '46967d1a.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021243.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '46967d1b.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021264.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '47e8695b.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021265.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '46967d1c.qua'!
C:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP133\A0021266.exe
[DETECTION] Is the Trojan horse TR/Killav.28714
[INFO] The file was moved to '47e8695d.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <LaCie>
D:\System Volume Information\_restore{E86B1AE6-54C7-4BFE-9FB6-D12520B61D19}\RP135\A0021700.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.duj.85 Backdoor server programs
[INFO] The file was moved to '47e8726d.qua'!
Begin scan in 'E:\' <Disque multimédia>

End of the scan: 2008-02-17 18:43
Used time: 1:11:15 min

The scan has been done completely.

10248 Scanning directories
498528 Files were scanned
72 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
69 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
498456 Files not concerned
3912 Archives were scanned
2 Warnings
2 Notes

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 18:01:04

Reposte un rapport Hijackthis.

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 18:04:42

Rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Emjysoft\Anti-Spam\antispam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe
C:\Program Files\LClock\lclock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mi©K\Mes documents\emule0.47c-Xtreme5.4.1\emule.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Emjysoft_Anti-spam] C:\Program Files\Emjysoft\Anti-Spam\antispam.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 9878 bytes

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 18:28:55

Tu as encore de soucis ?

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 18:46:57

Non pour l'instant sa à l'air de tout bien aller

Je te remercie pour ton aide

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 19:10:10

Des questions ?

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 19:16:10

Oui :
qu'est que je dois faire pour éviter de reprendre des virus ou des cheval de troie ?

| Alerter

Répondre à Xtrem2811

Angeldark

17 Février 2008 20:15:23

Tout est indiqué ci-dessous

Télécharge ToolsCleaner sur ton Bureau.

Clique sur Recherche et laisse le scan se terminer.

Clique sur Suppression pour finaliser.

Clique sur Quitter, pour que le rapport puisse se créer.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

Désactive puis réactive la restauration du système : Voir aide

Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"

* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"

Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

| Alerter

Répondre à Angeldark

Xtrem2811

17 Février 2008 21:22:58

Re,
Voici le rapport de ToolsCleaner :

-->- Recherche:

C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\Mi©K\Mes documents\Z058_jpg spyware\ComboFix.exe: trouvé !
C:\Documents and Settings\Mi©K\Mes documents\Z058_jpg spyware\MsnFix: trouvé !
C:\Documents and Settings\Mi©K\Recent\MSNFix.lnk: trouvé !
C:\Program Files\ComboFix.exe: trouvé !
C:\Program Files\HijackThis.exe: trouvé !
C:\QooBox\Quarantine\C\Combofix: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\Mi©K\Mes documents\Z058_jpg spyware\ComboFix.exe: supprimé !
C:\Documents and Settings\Mi©K\Recent\MSNFix.lnk: supprimé !
C:\Program Files\ComboFix.exe: supprimé !
C:\Program Files\HijackThis.exe: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\Mi©K\Mes documents\Z058_jpg spyware\MsnFix: supprimé !

| Alerter

Répondre à Xtrem2811

Angeldark

18 Février 2008 11:23:32

Bon surf

| Alerter

Répondre à Angeldark

Tom's guide dans le monde