Infected PC - Security - Viruses
 Subject: Infected PC
 
Profile: IDNaute

Hello everyone,
I think I'm infected again (xp 2000);
who can help me?
Thanks
Here is the report from a scan I just ran:
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 604
 
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|)
Eléments examinés: 152050
Temps écoulé: 1 hour(s), 13 minute(s), 43 second(s)
 
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 16
Clé(s) du Registre infectée(s): 41
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 56
 
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
 
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMcb8d9233 (Trojan.Agent) -> No action taken.
 
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
 
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
 

Profile: Helper

Hi,
 
Indeed, apply the actions ;)
 
Download HijackThis (from Trend Micro)
Post a report following this tutorial.


---------------
Please mention it if you are already getting help on another forum or in another topic.
 
Security/Prevention
Profile: IDNaute

Good evening and thank you,
here is the HijackThis report:
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20, on 2008-04-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
 

Profile: Helper

Re,
 
Download Combofix (by sUBs) to your Desktop. (Tutorial)
 
Temporarily disable all resident protection! (Antivirus, antispyware...)
Double-click combofix.exe. (Right-click -> Run as administrator if on Vista)
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post that report in your next reply.
 
The report is located here: C:\Combofix.txt


Profile: IDNaute

Here it is, I think this is it, but I'm not sure because there is another one; I'll put it right after:
 
 
ComboFix 08-04-20.2 - Propriétaire 2008-04-20 21:36:15.4 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.2.1252.1.1036.18.49 [GMT 2:00]
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
 * Création d'un nouveau point de restauration
.
 
C:\WINDOWS.2\system32\wpkchecq.dll
C:\WINDOWS.2\system32\wwskoadq.dll
C:\WINDOWS.2\system32\xayacccf.ini2
C:\WINDOWS.2\system32\xHOWayay.ini
C:\WINDOWS.2\system32\xHOWayay.ini2
C:\WINDOWS.2\system32\xhwweptj.dll
C:\WINDOWS.2\system32\xidmhjqb.dll
C:\WINDOWS.2\system32\xmkxhcbr.ini
C:\WINDOWS.2\system32\xoeylxxp.ini
C:\WINDOWS.2\system32\xrwvqmha.dll
C:\WINDOWS.2\system32\ybbefMoq.ini
C:\WINDOWS.2\system32\ybbefMoq.ini2
C:\WINDOWS.2\system32\yrfypbtn.dll
C:\WINDOWS.2\system32\yulaiubl.dll
C:\WINDOWS.2\system32\yvjnwmor.dll
 
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
-------\Service_NwSapAgent
 
 
(((((((((((((((((((((((((((((   Fichiers créés 2008-03-20 to 2008-04-20  ))))))))))))))))))))))))))))))))))))
.
 
2008-04-20 15:06 . 2008-04-20 15:06 <REP> d-------- C:\Documents and Settings\florent\Application Data\Malwarebytes
2008-04-19 16:55 . 2008-04-19 20:19 1,540,969 ---hs---- C:\WINDOWS.2\system32\dsomdcqe.ini
2008-04-19 13:40 . 2008-04-19 16:55 1,540,737 ---hs---- C:\WINDOWS.2\system32\bddlxtbx.ini
2008-04-18 16:32 . 2008-04-18 16:34 <REP> d-------- C:\Program Files\Panda Security
2008-04-17 18:41 . 2008-04-18 19:38 1,542,465 ---hs---- C:\WINDOWS.2\system32\tcuwfukm.ini
2008-04-17 13:10 . 2008-04-17 16:18 1,528,970 ---hs---- C:\WINDOWS.2\system32\vsearrdr.ini
2008-04-17 03:21 . 2008-04-17 13:09 1,524,476 ---hs---- C:\WINDOWS.2\system32\siyqchrs.ini
2008-04-17 03:12 . 2008-04-17 03:12 1,524,184 ---hs---- C:\WINDOWS.2\system32\bjukkjrt.ini
2008-04-17 00:24 . 2008-04-17 00:24 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Martau
2008-04-17 00:23 . 2008-04-17 00:23 <REP> d-------- C:\Program Files\Total Uninstall 4
2008-04-16 21:30 . 2008-04-16 21:30 <REP> d-------- C:\Program Files\AxBx
2008-04-16 21:07 . 2008-04-17 01:24 1,524,708 ---hs---- C:\WINDOWS.2\system32\aducujlo.ini
2008-04-16 14:01 . 2008-04-16 16:49 1,557,971 ---hs---- C:\WINDOWS.2\system32\bpgctnuw.ini
2008-04-16 00:55 . 2008-04-17 03:14 56 --a------ C:\WINDOWS.2\yesmessenger.ini
2008-04-16 00:54 . 2007-11-26 13:46 316 --a------ C:\WINDOWS.2\yes_messenger.ini
2008-04-16 00:53 . 2008-04-16 00:54 <REP> d-------- C:\Program Files\YesMessenger
2008-04-16 00:29 . 2008-04-16 00:55 1,603,177 ---hs---- C:\WINDOWS.2\system32\tvhngnev.ini
2008-04-15 19:56 . 2008-04-16 00:16 1,600,661 ---hs---- C:\WINDOWS.2\system32\bhggalxp.ini
2008-04-15 18:31 . 2008-04-15 19:53 1,600,429 ---hs---- C:\WINDOWS.2\system32\rpqxvjmq.ini
2008-04-13 23:03 . 2008-04-13 23:03 315,808 --a------ C:\WINDOWS.2\system32\tuvWqQjg.dll
2008-04-11 20:08 . 2008-04-11 20:21 1,374 --a------ C:\WINDOWS.2\imsins.BAK
2008-04-11 16:07 . 2008-04-20 14:39 109,107 --a------ C:\WINDOWS.2\BMcb8d9233.xml
2008-04-11 03:25 . 2008-04-11 03:26 <REP> d-------- C:\ComboFix[1]
2008-04-11 02:53 . 2008-04-11 02:53 315,600 --a------ C:\WINDOWS.2\system32\ljJBqpoN.dll
2008-04-11 01:47 . 2008-04-11 01:47 <REP> d-------- C:\_OTMoveIt
2008-04-11 01:34 . 2008-04-11 01:34 315,600 --a------ C:\WINDOWS.2\system32\yayaWOHx.dll
2008-04-10 23:56 . 2008-04-10 23:56 315,600 --a------ C:\WINDOWS.2\system32\nnnnMGWq.dll
2008-04-10 01:45 . 2008-04-10 01:45 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-10 01:45 . 2008-04-10 01:45 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Malwarebytes
2008-04-09 00:46 . 2008-04-09 00:46 <REP> d-------- C:\Program Files\Trend Micro
2008-04-08 20:14 . 2008-04-08 20:14 <REP> d-------- C:\Program Files\jv16 PowerTools 2008
2008-04-08 20:14 . 2008-04-08 20:14 23 --a------ C:\WINDOWS.2\system32\ebddbd6_z.ocx
2008-04-08 20:14 . 2008-04-08 20:14 23 --ahs---- C:\WINDOWS.2\system32\acbffdbdd_z.dll
2008-04-08 18:29 . 2008-04-16 21:26 <REP> d-------- C:\Program Files\Registry Easy
2008-04-08 17:03 . 2008-04-08 17:03 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Grisoft
2008-04-08 13:04 . 2008-04-08 13:10 594,503 --a------ C:\318304_FRA_i386_zip8avril.exe
2008-04-08 13:00 . 2008-04-01 17:48 509,832 --a------ C:\WindowsXP-KB939780-v2-x86-FRA.exe
2008-04-08 00:08 . 2008-04-08 00:08 8,161,400 --a------ C:\Windows-KB890830-V1.39.exe
2008-04-07 22:47 . 2008-04-07 22:47 <REP> d-------- C:\Program Files\Uniblue
2008-04-06 21:52 . 2008-04-06 21:52 3,097 --a------ C:\WINDOWS.2\system32\spupdsvc.inf
2008-04-06 21:49 . 2004-08-19 16:10 848,384 --------- C:\WINDOWS.2\system32\ir41_32.ax
2008-04-06 21:49 . 2004-08-19 16:09 755,200 --------- C:\WINDOWS.2\system32\ir50_32.dll
2008-04-06 21:49 . 2004-08-19 16:09 338,432 --------- C:\WINDOWS.2\system32\ir41_qcx.dll
2008-04-06 21:49 . 2004-08-19 16:09 200,192 --------- C:\WINDOWS.2\system32\ir50_qc.dll
2008-04-06 21:49 . 2004-08-19 16:10 199,680 --------- C:\WINDOWS.2\system32\iac25_32.ax
2008-04-06 21:49 . 2004-08-19 16:09 183,808 --------- C:\WINDOWS.2\system32\ir50_qcx.dll
2008-04-06 21:49 . 2004-08-19 16:09 120,320 --------- C:\WINDOWS.2\system32\ir41_qc.dll
2008-04-06 21:47 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS.2\000001_.tmp
2008-04-06 15:41 . 2008-04-06 15:41 <REP> d-------- C:\Program Files\CCleaner
2008-04-04 21:29 . 2008-04-04 21:29 12,236 --a------ C:\WINDOWS.2\system32\cbXRLeBq.dll
2008-04-04 20:43 . 2008-04-04 20:43 <REP> d-------- C:\Program Files\Unlocker
2008-04-04 19:08 . 2008-04-04 19:08 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-04 05:33 . 2008-04-04 05:33 <REP> d-------- C:\lj281
2008-04-04 00:36 . 2008-04-04 00:36 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Kaspersky Lab Setup Files
2008-04-03 21:26 . 2008-04-04 00:38 <REP> d-------- C:\Program Files\Defenza
2008-04-03 21:26 . 1996-08-20 21:37 15,840 --a------ C:\WINDOWS.2\system32\Machnm1.exe
2008-04-03 21:26 . 2005-09-25 17:37 5,632 --a------ C:\WINDOWS.2\system32\Machnm64.sys
2008-04-03 21:26 . 2008-04-03 21:26 3,120 --a------ C:\WINDOWS.2\system32\118290.54
2008-04-03 21:26 . 2008-04-03 21:26 3,120 --a------ C:\WINDOWS.2\118294.78
2008-04-03 21:26 . 2003-08-13 01:27 2,304 --a------ C:\WINDOWS.2\system32\Machnm32.sys
2008-04-03 21:18 . 2008-04-09 12:52 664 --a------ C:\WINDOWS.2\system32\d3d9caps.dat
2008-04-03 04:36 . 2008-04-03 04:36 54,156 --ah----- C:\WINDOWS.2\QTFont.qfn
2008-04-03 04:36 . 2008-04-03 04:36 1,409 --a------ C:\WINDOWS.2\QTFont.for
2008-04-03 03:23 . 2008-04-03 20:42 <REP> d-------- C:\Program Files\iGraal
2008-04-02 23:46 . 2008-04-04 18:41 <REP> d-------- C:\Program Files\RegCleaner
2008-04-02 13:59 . 2008-04-03 17:34 <REP> d-------- C:\WINDOWS.2\BDOSCAN8
2008-04-01 00:46 . 2008-04-01 00:46 <REP> d-------- C:\Documents and Settings\Propriétaire
2008-04-01 00:46 .  <REP>  C:\Documents and Settings\Propriétaire\Bureau
2008-04-01 00:46 .  <REP>  C:\Documents and Settings\Propriétaire\Bureau
2008-04-01 00:46 . 2005-08-22 14:41 316,416 --a------ C:\vx2cleaner.dlx
2008-04-01 00:46 . 2005-08-22 14:41 29,636 --a------ C:\vx2cleaner.chm
2008-04-01 00:42 . 2008-04-01 00:42 <REP> d-------- C:\Program Files\Lavasoft
2008-03-28 23:02 . 2001-08-02 18:36 151,552 -ra------ C:\WINDOWS.2\system32\ptsetup.dll
2008-03-28 23:02 . 2001-08-02 18:36 122,880 -ra------ C:\WINDOWS.2\system32\ptuninst.exe
2008-03-28 22:59 . 2001-08-17 16:31 117,503 --a------ C:\WINDOWS.2\system32\drivers\ptserial.sys
2008-03-28 22:38 . 2008-03-28 22:38 <REP> d-------- C:\Program Files\VIA
2008-03-28 22:38 . 2005-04-13 16:54 331,184 --------- C:\WINDOWS.2\system32\difxapi.dll
2008-03-28 22:36 . 2008-03-28 22:36 524,288 --a------ C:\via_pata_sata_+ide_v160a(20061101140444).zip
2008-03-28 22:11 . 2006-10-17 21:22 9,216 --a------ C:\WINDOWS.2\system32\drivers\videX32.sys
2008-03-28 21:17 . 2006-05-03 12:57 520,192 --------- C:\WINDOWS.2\system32\ati2sgag.exe
2008-03-28 21:13 . 2008-03-28 21:13 <REP> d-------- C:\ATI
2008-03-28 21:03 . 2008-03-28 21:03 199,066 --a------ C:\6A6LMM45.ZIP
2008-03-26 18:26 . 2008-03-26 18:27 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\MGS
2008-03-26 18:24 . 2008-03-26 18:24 <REP> d-------- C:\WINDOWS.2\system32\FlashAX
2008-03-25 02:40 . 2008-03-25 03:30 <REP> d-------- C:\Program Files\Call of Duty Single Player Demo
2008-03-24 15:58 . 2005-05-26 16:34 2,297,552 --a------ C:\WINDOWS.2\system32\d3dx9_26.dll
2008-03-24 15:56 . 2008-03-24 15:56 <REP> d-------- C:\Program Files\JoWooD
2008-03-24 03:20 . 2008-03-24 03:23 <REP> d-------- C:\Program Files\AMD
2008-03-24 03:19 . 2006-06-07 15:15 29,696 --a------ C:\WINDOWS.2\system32\drivers\AmdTools.sys
2008-03-24 03:14 . 2008-04-06 15:48 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-24 03:11 . 2008-03-24 03:11 <REP> d-------- C:\Program Files\AMDAGP
2008-03-24 02:59 . 2008-03-24 02:59 <REP> d-------- C:\Program Files\DIFX
2008-03-24 02:40 . 2008-03-24 02:40 23,600 --a------ C:\WINDOWS.2\system32\drivers\TVICHW32.SYS
2008-03-23 19:02 . 2008-04-20 21:52 13 --a------ C:\WINDOWS.2\system32\ANIWZCSUSERNAME{8D3DF001-96B2-4957-BF8A-EE4A008AA0B6}
2008-03-23 02:54 . 2008-03-23 02:54 <REP> d-------- C:\Program Files\Barb Sect Mapi
2008-03-23 01:15 . 2008-03-23 01:15 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Downloaded Installations
2008-03-23 01:14 . 2006-10-04 16:06 1,197,294 -----c--- C:\WINDOWS.2\system32\dllcache\sysmain.sdb
2008-03-23 01:14 . 2006-10-04 16:06 764,868 -----c--- C:\WINDOWS.2\system32\dllcache\apph_sp.sdb
2008-03-23 01:14 . 2006-10-04 16:06 217,118 -----c--- C:\WINDOWS.2\system32\dllcache\apphelp.sdb
2008-03-23 01:12 . 2008-03-23 01:12 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-03-23 01:09 . 2008-03-23 01:09 <REP> d-------- C:\WINDOWS.2\system32\LogFiles
2008-03-23 01:09 . 2008-03-23 01:11 <REP> d-------- C:\WINDOWS.2\system32\drivers\UMDF
2008-03-23 00:58 . 2008-03-23 11:43 <REP> d-------- C:\Documents and Settings\florent\Contacts
2008-03-23 00:21 . 2008-03-23 00:21 <REP> d-------- C:\Documents and Settings\florent\Application Data\Barb Sect Mapi
2008-03-23 00:21 . 2008-03-23 02:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Mapi Meta Book Bits
2008-03-22 21:39 . 2008-03-22 21:39 1,180,160 --a------ C:\WINDOWS.2\system32\crashlog.tar
2008-03-22 19:47 . 2007-07-30 20:19 271,224 --a------ C:\WINDOWS.2\system32\mucltui.dll
2008-03-22 19:47 . 2007-07-30 20:19 207,736 --a------ C:\WINDOWS.2\system32\muweb.dll
2008-03-22 19:47 . 2007-07-30 20:18 30,072 --a------ C:\WINDOWS.2\system32\mucltui.dll.mui
2008-03-22 19:38 . 2008-03-22 19:38 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-22 19:36 . 2008-03-22 19:40 <REP> d-------- C:\Program Files\Windows Live
2008-03-22 19:35 . 2008-03-22 19:35 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS.2\Application Data\WLInstaller
2008-03-22 19:07 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS.2\system32\dllcache\ieframe.dll
2008-03-22 19:07 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS.2\system32\dllcache\ieapfltr.dat
2008-03-22 19:07 . 2007-07-01 05:36 1,048,576 -----c--- C:\WINDOWS.2\system32\dllcache\ieframe.dll.mui
2008-03-22 19:07 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS.2\system32\dllcache\msfeeds.dll
2008-03-22 19:07 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS.2\system32\dllcache\ieapfltr.dll
2008-03-22 19:07 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS.2\system32\dllcache\iertutil.dll
2008-03-22 19:07 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS.2\system32\dllcache\icardie.dll
2008-03-22 19:07 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS.2\system32\dllcache\msfeedsbs.dll
2008-03-22 19:07 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS.2\system32\dllcache\ieudinit.exe
2008-03-22 19:05 . 2008-03-22 19:11 <REP> d-------- C:\WINDOWS.2\system32\fr-fr
2008-03-22 18:33 . 2008-03-22 18:33 <REP> d-------- C:\Program Files\MSXML 4.0
2008-03-22 18:11 . 2007-07-09 15:11 584,192 -----c--- C:\WINDOWS.2\system32\dllcache\rpcrt4.dll
2008-03-22 17:55 . 2007-07-30 20:19 38,232 --a------ C:\WINDOWS.2\system32\wucltui.dll.mui
 
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-20 17:54 --------- d-----w C:\Program Files\eMule
2008-04-18 10:32 428 ----a-w C:\WINDOWS.2\system32\drivers\fwdrv.err
2008-04-16 22:29 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-04-16 22:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Symantec
2008-04-13 16:20 --------- d-----w C:\Program Files\OpenOffice.org1.1.3
2008-04-09 23:44 --------- d-----w C:\Program Files\Common Files
2008-04-04 19:05 --------- d-----w C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Spybot - Search & Destroy
2008-04-03 22:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-03 21:45 --------- d-----w C:\Program Files\InterActual
2008-04-03 19:25 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-04-01 00:30 262,144 ----a-w C:\ntuser.dat
2008-03-28 21:54 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-03-23 12:16 --------- d-----w C:\Program Files\Norton AntiVirus
2008-03-23 11:29 --------- d-----w C:\Program Files\eFax Messenger Plus 3.2
2008-03-23 10:30 --------- d-----w C:\Program Files\ClockSync
2008-03-23 10:10 --------- d-----w C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Morefirstproxyloud
2008-03-22 23:22 --------- d-----w C:\Program Files\Yahoo!
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS.2\system32\win32k.sys
2008-03-03 20:46 --------- d-----w C:\Program Files\Fichiers communs\FotoWire
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS.2\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS.2\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS.2\system32\dnsrslvr.dll
.
 
(((((((((((((((((((((((((((((   snapshot_2008-04-14_18.28.14.20   )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-14 16:09:56 2,048 --s-a-w C:\WINDOWS.2\bootstat.dat
+ 2008-04-20 19:47:19 2,048 --s-a-w C:\WINDOWS.2\bootstat.dat
+ 2008-03-25 16:13:04 124,208 ----a-w C:\WINDOWS.2\Downloaded Program Files\as2stubie.dll
+ 2007-07-18 11:49:56 12,592 ----a-w C:\WINDOWS.2\Downloaded Program Files\libcomm.dll
+ 2008-04-20 19:47:35 16,384 ----atw C:\WINDOWS.2\Temp\Perflib_Perfdata_648.dat
.
(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B23457DA-58C8-415E-855E-3F7B56C0540E}]
   C:\WINDOWS.2\system32\qoMghhhH.dll
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS.2\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\ypager.exe" [ ]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-25 01:20 401491]
"EPSON Stylus C40 Series"="C:\WINDOWS.2\System32\spool\DRIVERS\W32X86\3\E_A10IC2.exe" [2001-10-04 03:01 69632]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-08-03 00:34 180269]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 03:36 36975]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
"PCTVOICE"="pctspk.exe" [2001-08-02 18:37 155648 C:\WINDOWS.2\system32\pctspk.exe]
"NeroFilterCheck"="C:\WINDOWS.2\system32\NeroCheck.exe" [2001-08-06 20:03 155648]
"NeroCheck"="C:\WINDOWS.2\System32\NeroCheck.exe" [2001-08-06 20:03 155648]
"HydarVisionDesktopManager"="" []
"ezShieldProtector for Px"="C:\WINDOWS.2\system32\ezSP_Px.exe" [2002-08-20 10:29 40960]
"D-Link Wireless G WUA-1340"="C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe" [2007-08-27 17:25 1662976]
"D-Link D-Link Wireless G DWA-110"="C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe" [2007-05-04 11:26 1662976]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2003-11-10 15:30 70816]
"AtiPTA"="atiptaxx.exe" [2001-09-14 19:15 245760 C:\WINDOWS.2\system32\atiptaxx.exe]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 12:49 49152]
"Motive SmartBridge"="C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe" [2005-02-24 15:01 397312]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-01-04 23:53 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-06-14 17:24 278528]
"RegistryMechanic"="" []
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS.2\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
"Zone Alarm"="vsmon.exe" []
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.2^Menu Démarrer^Programmes^Démarrage^Activer l'ensemble clavier et souris sans fil Labtec.lnk]
path=C:\Documents and Settings\All Users.WINDOWS.2\Menu Démarrer\Programmes\Démarrage\Activer l'ensemble clavier et souris sans fil Labtec.lnk
backup=C:\WINDOWS.2\pss\Activer l'ensemble clavier et souris sans fil Labtec.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.2^Menu Démarrer^Programmes^Démarrage^eFax Menu Temps Réel 3.2.lnk]
path=C:\Documents and Settings\All Users.WINDOWS.2\Menu Démarrer\Programmes\Démarrage\eFax Menu Temps Réel 3.2.lnk
backup=C:\WINDOWS.2\pss\eFax Menu Temps Réel 3.2.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.2^Menu Démarrer^Programmes^Démarrage^eFax Tray Menu 3.2.lnk]
path=C:\Documents and Settings\All Users.WINDOWS.2\Menu Démarrer\Programmes\Démarrage\eFax Tray Menu 3.2.lnk
backup=C:\WINDOWS.2\pss\eFax Tray Menu 3.2.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.2^Menu Démarrer^Programmes^Démarrage^EPSON Status Monitor 3 Environment Check 2.lnk]
path=C:\Documents and Settings\All Users.WINDOWS.2\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
backup=C:\WINDOWS.2\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.2^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
path=C:\Documents and Settings\All Users.WINDOWS.2\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
backup=C:\WINDOWS.2\pss\InterVideo WinCinema Manager.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.2^Menu Démarrer^Programmes^Démarrage^Mon Assistant Internet.lnk]
path=C:\Documents and Settings\All Users.WINDOWS.2\Menu Démarrer\Programmes\Démarrage\Mon Assistant Internet.lnk
backup=C:\WINDOWS.2\pss\Mon Assistant Internet.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^dBpowerAMP.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\dBpowerAMP.lnk
backup=C:\WINDOWS.2\pss\dBpowerAMP.lnkStartup
 
[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 1.1.3.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 1.1.3.lnk
backup=C:\WINDOWS.2\pss\OpenOffice.org 1.1.3.lnkStartup
 
[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^YesMessenger.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\YesMessenger.lnk
backup=C:\WINDOWS.2\pss\YesMessenger.lnkStartup
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Program Files]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Program Files\Communaute]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Program Files\Communaute\Affection]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Program Files\Communaute\Affection\allo.exe]
--a------ 2005-03-28 09:25 2373120 C:\Program Files\Communaute\Affection\allo.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Program Files\Gnetwork]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Program Files\Gnetwork\P2P]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Program Files\Gnetwork\P2P\wincg.exe]
--a------ 2005-03-28 09:26 2267648 C:\Program Files\Gnetwork\P2P\wincg.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster 2 d’Uniblue ]
--a------ 2007-11-21 17:07 1902592 C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryEasy.exe]
--a------ 2008-02-21 15:18 4057088 C:\Program Files\Registry Easy\RegistryEasy.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2005-12-09 08:30 35328 C:\Program Files\Winamp\winampa.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"=
"C:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17564:TCP"= 17564:TCP:NortonAV
"12355:TCP"= 12355:TCP:NortonAV
"14038:TCP"= 14038:TCP:NortonAV
"17709:TCP"= 17709:TCP:NortonAV
"14384:TCP"= 14384:TCP:NortonAV
"14831:TCP"= 14831:TCP:NortonAV
 
R0 videX32;videX32;C:\WINDOWS.2\system32\DRIVERS\videX32.sys [2006-10-17 21:22]
R1 aswSP;avast! Self Protection;C:\WINDOWS.2\system32\drivers\aswSP.sys [2008-03-29 19:31]
R1 fwdrv;Firewall Driver;C:\WINDOWS.2\system32\drivers\fwdrv.sys [2004-09-01 14:08]
R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS.2\system32\drivers\kbfilter.sys [2003-03-27 13:55]
R1 moufiltr;Mouse Filter Driver;C:\WINDOWS.2\system32\drivers\moufiltr.sys [2003-01-23 14:29]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS.2\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 CINEMSUP;Software Cinemaster NT4.0 Driver;C:\WINDOWS.2\system32\DRIVERS\CINEMSUP.SYS [1999-09-20 11:05]
R3 amdtools;AMD Special Tools Driver;C:\WINDOWS.2\system32\DRIVERS\amdtools.sys [2006-06-07 15:15]
S2 Ndiskio;Ndiskio;C:\NORMAN\Nvc\NSE\NDISKIO.SYS []
S2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS.2\system32\pctspk.exe [2001-08-02 18:37]
S3 ATICDSDr;ATICDSDr;C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\ATICDSDr.sys []
S3 nvcfsr;nvcfsr;C:\NORMAN\Nvc\BIN\nvcfsr.sys []
S3 nvcoafl51;nvcoafl51;C:\NORMAN\Nvc\BIN\nvcoafl51.sys []
S3 nvcoaft51;nvcoaft51;C:\NORMAN\Nvc\BIN\nvcoaft51.sys []
S3 nvcoarc51;nvcoarc51;C:\NORMAN\Nvc\BIN\nvcoarc51.sys []
S3 nvcoas;Norman Virus Control on-access component;C:\NORMAN\Nvc\BIN\nvcoas.exe []
S3 NVCScheduler;Norman Virus Control Scheduler;C:\NORMAN\Nvc\BIN\NVCSCHED.EXE []
S3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS.2\system32\DRIVERS\ptserlp.sys [2001-08-17 22:28]
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys []
 
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-20 20:00:00 C:\WINDOWS.2\Tasks\ABC00328918BBFC0.job"
- c:\docume~1\florent\applic~1\barbse~1\site wipe coal.exe
"2008-04-18 14:00:13 C:\WINDOWS.2\Tasks\{7D2635DE-C3C6-4B06-AD2C-509DA8E37C90}_TRISTANI-GRJVPJ_Propriétaire.job"
 
 
ComboFix 08-04-20.2 - Propriétaire 2008-04-20 21:36:15.4 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.2.1252.1.1036.18.49 [GMT 2:00]
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
 * Création d'un nouveau point de restauration
.
 
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
 
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\#SharedObjects\QASFKFJD\iforex.com
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\#SharedObjects\QASFKFJD\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
C:\WINDOWS.2\cookies.ini
C:\WINDOWS.2\pskt.ini
.
---- Previous Run -------
.
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\#SharedObjects\QASFKFJD\iforex.com
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\#SharedObjects\QASFKFJD\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\Documents and Settings\Propriétaire\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
C:\Program Files\purityscan
C:\WINDOWS.2\BMcb8d9233.xml
C:\WINDOWS.2\cookies.ini
C:\WINDOWS.2\Downloaded Program Files\setup.inf
C:\WINDOWS.2\pskt.ini