Message Logoneui.exe au demarrage du PC

Re
######## | XP _ Suppression | #######



Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau

# choisi l option 2 (Suppression)

# Ton bureau disparaîtra et le pc redémarrera.

# Au redémarrage, UsbFix scannera ton pc, laisse travailler l outil.

# Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau.

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

Voici le rapport


############################## [ UsbFix V3.017 # Cleaning ]

# User : Administrateur (Administrateurs) # MAISON-GM3OEZC5
# Update on 06/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 14:59:42 | 09/05/2009

# Mobile Intel(R) Pentium(R) 4 - M CPU 1.80GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 1
# Internet Explorer 6.0.2800.1106
# Windows Firewall Status : Not defined.

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 14,65 Go (307,57 Mo free) [SYSTEM] # NTFS
# D:\ # Disque fixe local # 13,29 Go (12,03 Go free) [MULTIMEDIA] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible # 970,72 Mo (312,38 Mo free) # FAT

############################## [ Processus actifs ]

C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\windows\System32\alg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\System32\svchost.exe
C:\windows\System32\wuauclt.exe
C:\windows\System32\KB905474\wgasetup.exe
C:\windows\Explorer.exe
C:\windows\System32\KB905474\wgasetup.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! C:\windows\system32\autorun.ini
C:\autorun.inf # -> fichier appelé : "C:\logoneui.exe" ( absent ! )
Deleted ! C:\autorun.inf
D:\autorun.inf # -> fichier appelé : "D:\logoneui.exe" ( absent ! )
Deleted ! D:\autorun.inf
F:\autorun.inf # -> fichier appelé : "F:\luk1ylq.com" ( absent ! )
Deleted ! F:\autorun.inf

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]

# -> Not Found !

################## [ Listing des fichiers présent ]

[26/03/2007 17:03|--a------|0] - C:\AUTOEXEC.BAT
[02/10/2001 20:17|-rahs----|4952] - C:\Bootfont.bin
[01/12/2007 16:44|--a------|227090] - C:\clean.zip
[26/03/2007 17:03|--a------|0] - C:\CONFIG.SYS
[24/02/2009 12:19|--a------|7022064] - C:\DJVUCNTL_61_FR.EXE
[16/02/2005 12:06|--a------|218112] - C:\HijackThis.exe
[09/05/2009 13:11|--a------|6010] - C:\hijackthis.log
[01/12/2007 16:35|--a------|212849] - C:\hijackthis.zip
[26/03/2007 17:03|-rahs----|0] - C:\IO.SYS
[26/03/2007 17:03|-rahs----|0] - C:\MSDOS.SYS
[28/08/2002 22:08|-rahs----|47580] - C:\NTDETECT.COM
[29/08/2002 02:05|-rahs----|235824] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[14/04/2009 20:06|--ah-----|268] - C:\sqmdata00.sqm
[14/04/2009 20:06|--ah-----|148] - C:\sqmdata01.sqm
[29/04/2009 18:54|--ah-----|268] - C:\sqmdata02.sqm
[29/04/2009 20:42|--ah-----|268] - C:\sqmdata03.sqm
[29/04/2009 22:56|--ah-----|268] - C:\sqmdata04.sqm
[30/04/2009 08:36|--ah-----|268] - C:\sqmdata05.sqm
[09/05/2009 01:26|--ah-----|268] - C:\sqmdata06.sqm
[09/05/2009 12:31|--ah-----|268] - C:\sqmdata07.sqm
[09/01/2009 11:34|--ah-----|268] - C:\sqmdata08.sqm
[07/02/2009 20:46|--ah-----|268] - C:\sqmdata09.sqm
[07/02/2009 22:06|--ah-----|268] - C:\sqmdata10.sqm
[09/02/2009 14:28|--ah-----|268] - C:\sqmdata11.sqm
[09/02/2009 19:48|--ah-----|268] - C:\sqmdata12.sqm
[09/02/2009 19:51|--ah-----|268] - C:\sqmdata13.sqm
[09/02/2009 21:23|--ah-----|268] - C:\sqmdata14.sqm
[18/03/2009 21:39|--ah-----|268] - C:\sqmdata15.sqm
[20/03/2009 00:07|--ah-----|268] - C:\sqmdata16.sqm
[21/03/2009 23:16|--ah-----|268] - C:\sqmdata17.sqm
[24/03/2009 15:50|--ah-----|268] - C:\sqmdata18.sqm
[25/03/2009 17:10|--ah-----|268] - C:\sqmdata19.sqm
[14/04/2009 20:06|--ah-----|136] - C:\sqmnoopt00.sqm
[29/04/2009 18:54|--ah-----|244] - C:\sqmnoopt01.sqm
[29/04/2009 20:42|--ah-----|244] - C:\sqmnoopt02.sqm
[29/04/2009 22:56|--ah-----|244] - C:\sqmnoopt03.sqm
[30/04/2009 08:36|--ah-----|244] - C:\sqmnoopt04.sqm
[09/05/2009 01:26|--ah-----|244] - C:\sqmnoopt05.sqm
[09/05/2009 12:31|--ah-----|244] - C:\sqmnoopt06.sqm
[09/01/2009 10:59|--ah-----|244] - C:\sqmnoopt07.sqm
[09/01/2009 11:34|--ah-----|244] - C:\sqmnoopt08.sqm
[07/02/2009 20:46|--ah-----|244] - C:\sqmnoopt09.sqm
[07/02/2009 22:06|--ah-----|244] - C:\sqmnoopt10.sqm
[09/02/2009 14:28|--ah-----|244] - C:\sqmnoopt11.sqm
[09/02/2009 19:48|--ah-----|244] - C:\sqmnoopt12.sqm
[09/02/2009 19:51|--ah-----|244] - C:\sqmnoopt13.sqm
[09/02/2009 21:23|--ah-----|244] - C:\sqmnoopt14.sqm
[18/03/2009 21:39|--ah-----|244] - C:\sqmnoopt15.sqm
[20/03/2009 00:07|--ah-----|244] - C:\sqmnoopt16.sqm
[21/03/2009 23:16|--ah-----|244] - C:\sqmnoopt17.sqm
[24/03/2009 15:50|--ah-----|244] - C:\sqmnoopt18.sqm
[25/03/2009 17:10|--ah-----|244] - C:\sqmnoopt19.sqm
[09/05/2009 15:03|--a------|4902] - C:\UsbFix.txt
[12/10/2006 14:37|--a------|916325312] - D:\DJANGO.MPG
[30/03/2007 17:20|--a------|662077] - D:\modem.zip
[15/03/2008 16:57|--a------|23886] - F:\Formulaire_Concours_Internat_2007.pdf
[24/04/2009 15:30|--a------|81408] - F:\CV_Abdenour DALI.doc
[22/01/2009 15:26|--a------|1851544] - F:\install_flash_player.exe
[03/12/2002 17:13|--a------|51218] - F:\document03183.jpg
[03/12/2002 17:11|--a------|264884] - F:\document01181.jpg
[29/01/2009 22:49|--a------|413865] - F:\document02182.jpg
[30/01/2009 00:38|--a------|1572352] - F:\Frottis_sanguin.ppt
[12/04/2009 23:35|--a------|583680] - F:\cellules-immunitaires.ppt
[22/01/2009 16:19|--a------|11174] - F:\frottis.htm
[22/01/2009 16:21|--a------|286433] - F:\PlancheHemato.pdf
[22/01/2009 16:23|--a------|10645] - F:\Frottis_realisation.htm
[22/01/2009 16:24|--a------|2895] - F:\frottis-sanguin.htm
[22/01/2009 16:25|--a------|15438] - F:\Frottis_observation.htm
[22/01/2009 16:27|--a------|40826] - F:\frottis-sanguin-_13214.htm
[22/01/2009 16:28|--a------|2337] - F:\frottis_sanguin.htm
[22/01/2009 16:30|--a------|849] - F:\globule.htm
[22/01/2009 16:31|--a------|22158] - F:\CellSang.html
[22/01/2009 16:51|--a------|89642] - F:\frottis-sanguin.html
[22/01/2009 16:56|--a------|65855] - F:\S66-72.PDF
[22/01/2009 17:31|--a------|25591] - F:\search.htm
[22/01/2009 17:35|--a------|951808] - F:\5_METHODES_D.doc
[22/01/2009 17:38|--a------|13479] - F:\doc-10745.html
[22/01/2009 17:53|--a------|2697216] - F:\topoAnomaliesGR.ppt
[22/01/2009 18:13|--a------|2811969] - F:\tissu-sanguin.pdf
[22/01/2009 18:16|--a------|494290] - F:\Hemogramme 2008 - 2009.pdf
[30/01/2009 00:18|--a------|24559] - F:\index.php.htm
[04/02/2009 22:05|--a------|9346838] - F:\p1_ed1.pdf
[12/02/2009 17:51|--a------|501354] - F:\BacS_SVT_2008_CapExp_Oblig_Suj34.pdf
[12/02/2009 18:36|--a------|252826] - F:\A8.pdf
[12/02/2009 19:01|--a------|1268224] - F:\3_Frottissg.ppt
[12/02/2009 19:10|--a------|4043] - F:\atlas_epit01.html
[12/02/2009 19:52|--a------|1080832] - F:\TP_sur_les_cellules_sanguines.ppt
[12/02/2009 20:37|--a------|14325] - F:\Tcir240.htm
[12/02/2009 20:38|--a------|80708] - F:\books.htm
[25/04/2009 10:04|--a------|3228] - F:\BOOTEX.LOG
[24/12/2008 14:55|--a------|121200] - F:\2eme mois du dvpt.pdf
[24/12/2008 14:54|--a------|263350] - F:\3eme sem.pdf
[24/12/2008 14:55|--a------|55248] - F:\exploration.pdf
[24/12/2008 14:45|--a------|153077] - F:\fecondation.pdf
[24/12/2008 14:51|--a------|567239] - F:\gametogenese.pdf
[24/12/2008 14:48|--a------|39327] - F:\introduction.pdf
[18/04/2009 12:19|--a------|1042342] - F:\img195.jpg
[18/04/2009 12:15|--a------|1349832] - F:\img194.jpg
[18/04/2009 12:12|--a------|1313157] - F:\img193.jpg
[18/04/2009 12:08|--a------|1625614] - F:\img192.jpg
[17/04/2009 23:49|--a------|1436598] - F:\img191.jpg
[17/04/2009 23:41|--a------|1354723] - F:\img190.jpg
[17/04/2009 23:37|--a------|1270408] - F:\img189.jpg
[05/03/2009 15:03|--a------|7608960] - F:\Respiratoire IV.pptx

################## [ Vaccination ]

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.017 ! ]

Re
1)Pour supprimer tous ces fichiers:
[14/04/2009 20:06|--ah-----|268] - C:\sqmdata00.sqm
[14/04/2009 20:06|--ah-----|148] - C:\sqmdata01.sqm
[29/04/2009 18:54|--ah-----|268] - C:\sqmdata02.sqm
[29/04/2009 20:42|--ah-----|268] - C:\sqmdata03.sqm
[29/04/2009 22:56|--ah-----|268] - C:\sqmdata04.sqm
[30/04/2009 08:36|--ah-----|268] - C:\sqmdata05.sqm
[09/05/2009 01:26|--ah-----|268] - C:\sqmdata06.sqm
[09/05/2009 12:31|--ah-----|268] - C:\sqmdata07.sqm
[09/01/2009 11:34|--ah-----|268] - C:\sqmdata08.sqm
[07/02/2009 20:46|--ah-----|268] - C:\sqmdata09.sqm
[07/02/2009 22:06|--ah-----|268] - C:\sqmdata10.sqm
[09/02/2009 14:28|--ah-----|268] - C:\sqmdata11.sqm
[09/02/2009 19:48|--ah-----|268] - C:\sqmdata12.sqm
[09/02/2009 19:51|--ah-----|268] - C:\sqmdata13.sqm
[09/02/2009 21:23|--ah-----|268] - C:\sqmdata14.sqm
[18/03/2009 21:39|--ah-----|268] - C:\sqmdata15.sqm
[20/03/2009 00:07|--ah-----|268] - C:\sqmdata16.sqm
[21/03/2009 23:16|--ah-----|268] - C:\sqmdata17.sqm
[24/03/2009 15:50|--ah-----|268] - C:\sqmdata18.sqm
[25/03/2009 17:10|--ah-----|268] - C:\sqmdata19.sqm
[14/04/2009 20:06|--ah-----|136] - C:\sqmnoopt00.sqm
[29/04/2009 18:54|--ah-----|244] - C:\sqmnoopt01.sqm
[29/04/2009 20:42|--ah-----|244] - C:\sqmnoopt02.sqm
[29/04/2009 22:56|--ah-----|244] - C:\sqmnoopt03.sqm
[30/04/2009 08:36|--ah-----|244] - C:\sqmnoopt04.sqm
[09/05/2009 01:26|--ah-----|244] - C:\sqmnoopt05.sqm
[09/05/2009 12:31|--ah-----|244] - C:\sqmnoopt06.sqm
[09/01/2009 10:59|--ah-----|244] - C:\sqmnoopt07.sqm
[09/01/2009 11:34|--ah-----|244] - C:\sqmnoopt08.sqm
[07/02/2009 20:46|--ah-----|244] - C:\sqmnoopt09.sqm
[07/02/2009 22:06|--ah-----|244] - C:\sqmnoopt10.sqm
[09/02/2009 14:28|--ah-----|244] - C:\sqmnoopt11.sqm
[09/02/2009 19:48|--ah-----|244] - C:\sqmnoopt12.sqm
[09/02/2009 19:51|--ah-----|244] - C:\sqmnoopt13.sqm
[09/02/2009 21:23|--ah-----|244] - C:\sqmnoopt14.sqm
[18/03/2009 21:39|--ah-----|244] - C:\sqmnoopt15.sqm
[20/03/2009 00:07|--ah-----|244] - C:\sqmnoopt16.sqm
[21/03/2009 23:16|--ah-----|244] - C:\sqmnoopt17.sqm
[24/03/2009 15:50|--ah-----|244] - C:\sqmnoopt18.sqm
[25/03/2009 17:10|--ah-----|244] - C:\sqmnoopt19.sqm

regarde ici:http://www.commentcamarche.net/faq/sujet 8488 fichiers sqmdata sqm et sqmnoopt sqm

2)reposte un rapport hijackthis stp

je n,arrive pas a voire les fichiers .sqm

voici le rapport :
Logfile of HijackThis v1.99.1
Scan saved at 15:47:18, on 09/05/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\System32\svchost.exe
C:\windows\System32\cmd.exe
C:\windows\explorer.exe
C:\windows\system32\notepad.exe
C:\windows\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O5 "LPT1:" /M "Stylus C45"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [InternetCalls] "C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_SDB.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [MediaDICO38] C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe Lancement
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Save Flash by &GetFlash - C:\PROGRA~1\GetFlash\getflash.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6E704581-CCAE-46D2-9C64-20D724B3624E} (UnagiAx Class) - http://radaol-prod-web-rr.streamops.aol.com/mediaplugin/3.0.84.2/win32/unagi3.0.84.2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A36E80C-0625-416A-A39D-0ED743972542}: NameServer = 41.221.20.4 193.251.169.165
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)

Merci pour ton aide,
Tout marche a merveille.

Re
Merci pour ton aide,mais de rien
et bonne continuation
@+