Trojan
int main
Hello,
I'd like to know whether a trojan can cause the operating system (Windows) to restart. I must have one that forces me to uninstall my antivirus, because when the antivirus detects it the system crashes and restarts. I use Panda Titanium 2007 antivirus + antispyware (2), but it is currently uninstalled; I also used CureIt without success. What can I do?
98 replies
I'm back, but without a report: it takes too long to download. I already have panda titanium 2007-antivirus + antispyware(2).exe; if I install it and run the scan in safe mode, will that do, or do I absolutely need AntiVir and ZoneAlarm?
you can install whichever antivirus you want
but you also need a firewall
so if you don't have one, get ZoneAlarm
and yes, run a scan in safe mode with the antivirus of your choice
I suggested AntiVir because it's the best there is at the moment, and free ;-)
it's up to you; the main thing is that you install one
See you
OK, I'll get ZoneAlarm; its download is going well, but the AntiVir one is crawling.
Thanks for your valuable advice; I'm starting the scan with Panda.
See you
Hi
It's more complicated than I thought: I can't even install the antivirus. Every time I install it and restart, my PC shuts down immediately. And worse, I can no longer download: my ADSL connection no longer lets me download either AntiVir or the firewall. Now I really don't know what to do.
PS: I installed Panda Titanium 2007 antivirus + antispyware (2) and Dr.Web; both cause my operating system to shut down, so I have to restart in safe mode to uninstall them. :'(
Good evening Ep44. I forgot to mention that an error message appears:
L'instruction à "0x10013f90" emploie l'adresse mémoire "0x7d986bfd". la mémoire ne peut pas être "read".
Good evening
OK, so you can restart your PC but you can't install your antivirus
try the one I pointed you to, then keep me posted
as for your error message, I'm looking into it
See you
Good evening
I've just finished downloading AntiVir; I installed it and I'm currently running an update. It detects the trojan horse TR/Crypt.NSPM.Gen which, I think, cannot be removed; I didn't quite understand.
Does the firewall also have to be run in safe mode?
Good night, and thanks again for your valuable help
Hi, I was finally able to finish the scan, and here is the report generated by HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:30:47, on 08/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\VIRTUA~2\VDJP.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ViOrb\ViOrb.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\CreativesFiles\Shareaza.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Free Download Manager\fdm.exe
E:\eMule\emule.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
R3 - URLSearchHook: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll
R3 - URLSearchHook: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, explorer.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\CreativesFiles\Plugins\RazaWebHook.dll
O2 - BHO: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O3 - Toolbar: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll
O3 - Toolbar: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinSysM] C:\WINDOWS\338448M.exe
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "E:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [Userinit] C:\WINDOWS\system32\cologsver.exe
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\VIRTUA~2\VDJP.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Barsaka] e explorer.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe
O4 - HKCU\..\Run: [WinButler] C:\Documents and Settings\Enyce.ANICE\Application Data\WinButler\WinButler.exe
O4 - HKCU\..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Shareaza] "C:\CreativesFiles\Shareaza.exe" -tray
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [eMuleAutoStart] E:\eMule\emule.exe -AutoStart
O4 - HKLM\..\Policies\Explorer\Run: [MSDWG32] LYLoadbr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDCG32 ] LYLeador.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDOG32] LYLoador.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDSG32] LYLoadar.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDMG32] LYLoadmr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDHG32] LYLoadhr.exe
O4 - HKLM\..\Policies\Explorer\Run: [MSDQG32] LYLoadqr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1957994488-854245398-839522115-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Gnampa')
O4 - HKUS\S-1-5-21-1957994488-854245398-839522115-1004\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Gnampa')
O4 - HKUS\S-1-5-21-1957994488-854245398-839522115-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Gnampa')
O4 - HKUS\S-1-5-21-1957994488-854245398-839522115-1004\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (User 'Gnampa')
O4 - HKUS\S-1-5-21-1957994488-854245398-839522115-1004\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Gnampa')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download all links with IDM - D:\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with &Shareaza - res://C:\CreativesFiles\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB0F1B17-7C77-4958-BA40-6EDD59D700A7}: NameServer = 206.82.130.195 209.244.0.3
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - D:\Ares\chatServer.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VideoAcceleratorService - Unknown owner - E:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.bahai-biblio.org/...
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - D:\Ares\chatServer.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VideoAcceleratorService - Unknown owner - E:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.bahai-biblio.org/...
Me again. I know I shouldn't have without your permission, but I downloaded Lop S&D and ran a scan. I read on the forum that this solution was suggested for the problem where c:\ can no longer be opened: when I double-click on it, it asks me which program it should be opened with. I will send you the report if you think it necessary.
Good evening int main,
you can post that report
also do this
Download Combofix by sUBs: http://download.bleepingcomputer.com/sUBs/Combo-Fix.exe
and save it to your desktop and nowhere else!
Double-click on combofix,
Wait until combofix has finished; a report will be created. Post the report.
the report in question:
-----------------------------[ Lop S&D 2.2.8 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Enyce ] [ "C:\Program Files\Lop SD" ]
[ 08/02/2008 | 19:29:47,31 ] [ PC : ANICE ]
[ MAJ : 08-02-2008 | 01:44 ]
-------------[ Listing des dossiers dans Application Data ]------------
[15/11/2005|22:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[11/11/2007|03:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[29/01/2008|16:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[31/10/2007|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[31/10/2007|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[08/02/2008|04:20] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
[08/02/2008|04:20] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
[08/02/2008|02:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\addr_file.html
[02/12/2007|22:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[29/11/2007|06:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[12/11/2005|16:47] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg7
[08/02/2008|00:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[15/11/2005|23:47] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BVRP Software
[11/11/2007|03:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[01/02/2008|11:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Downloaded Installations
[07/02/2008|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\FreeDownloadManager.ORG
[24/11/2007|20:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[30/11/2007|19:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[11/11/2005|10:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Pinnacle
[11/11/2007|10:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\RoboForm
[24/11/2007|12:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[07/02/2008|15:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[09/12/2007|02:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Trymedia
[12/11/2005|16:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[11/11/2007|09:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[17/11/2005|20:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[08/02/2008|04:20] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion
[15/11/2005|22:07] C:\DOCUME~1\anice\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\anice\APPLIC~1\..
[31/10/2007|14:58] C:\DOCUME~1\anice\APPLIC~1\desktop.ini
[31/10/2007|14:33] C:\DOCUME~1\anice\APPLIC~1\Identities
[31/10/2007|14:41] C:\DOCUME~1\anice\APPLIC~1\Microsoft
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[31/10/2007|14:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[31/10/2007|14:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
[11/11/2007|03:38] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
[11/11/2007|05:53] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[24/11/2007|12:17] C:\DOCUME~1\Enyce\APPLIC~1\.
[24/11/2007|12:17] C:\DOCUME~1\Enyce\APPLIC~1\..
[31/10/2007|17:07] C:\DOCUME~1\Enyce\APPLIC~1\Adobe
[03/11/2005|15:52] C:\DOCUME~1\Enyce\APPLIC~1\Apple Computer
[03/11/2005|15:59] C:\DOCUME~1\Enyce\APPLIC~1\BitTorrent
[03/11/2005|15:36] C:\DOCUME~1\Enyce\APPLIC~1\Copernic
[31/10/2007|15:57] C:\DOCUME~1\Enyce\APPLIC~1\desktop.ini
[03/11/2005|15:57] C:\DOCUME~1\Enyce\APPLIC~1\Google
[09/11/2005|18:48] C:\DOCUME~1\Enyce\APPLIC~1\Help
[31/10/2007|16:30] C:\DOCUME~1\Enyce\APPLIC~1\Identities
[03/11/2005|15:39] C:\DOCUME~1\Enyce\APPLIC~1\InstallShield
[03/11/2005|15:54] C:\DOCUME~1\Enyce\APPLIC~1\Macromedia
[09/11/2005|18:43] C:\DOCUME~1\Enyce\APPLIC~1\Microsoft
[03/11/2005|15:32] C:\DOCUME~1\Enyce\APPLIC~1\Mozilla
[03/11/2005|16:15] C:\DOCUME~1\Enyce\APPLIC~1\Real
[04/11/2005|23:36] C:\DOCUME~1\Enyce\APPLIC~1\Stardock
[04/11/2005|23:44] C:\DOCUME~1\Enyce\APPLIC~1\Styler
[03/11/2005|15:50] C:\DOCUME~1\Enyce\APPLIC~1\Talkback
[09/11/2005|18:42] C:\DOCUME~1\Enyce\APPLIC~1\vlc
[31/10/2007|17:05] C:\DOCUME~1\Enyce\APPLIC~1\Webshots
[05/12/2007|21:52] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\$_hpcst$.hpc
[08/02/2008|06:17] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\.
[08/02/2008|06:17] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\..
[08/02/2008|19:05] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\.googlewebacchosts
[02/12/2007|12:30] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Adobe
[02/12/2007|22:47] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AdobeUM
[30/11/2007|21:41] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Ahead
[28/11/2007|02:02] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\aoe3trial_Downloader
[14/11/2005|19:02] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Apple Computer
[03/12/2007|00:18] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AVG7
[04/12/2007|19:15] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AVS4YOU
[16/12/2007|09:27] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AVSMedia
[16/12/2007|23:13] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\BitDownload
[30/11/2007|06:06] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\BitTorrent
[11/11/2007|09:48] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Copernic
[11/11/2007|03:38] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\desktop.ini
[29/11/2007|16:04] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Dev-Cpp
[16/12/2007|11:48] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\DMCache
[13/12/2007|09:00] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\eMule
[07/02/2008|23:11] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Free Download Manager
[25/11/2007|02:09] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Google
[25/11/2007|00:26] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Help
[11/11/2007|06:46] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Identities
[16/12/2007|11:49] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\IDM
[23/11/2007|21:33] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\InstallShield
[09/12/2007|02:40] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Macromedia
[01/12/2007|10:00] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Media Player Classic
[15/01/2008|21:18] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Microsoft
[28/11/2007|22:37] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Moyea
[24/11/2007|19:35] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Mozilla
[09/12/2007|02:40] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\PlayFirst
[11/11/2005|17:20] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Real
[05/02/2008|05:22] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Sammsoft
[31/01/2008|09:22] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Shareaza
[17/12/2007|06:56] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\ShoppingReport
[08/12/2007|08:09] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Styler
[07/02/2008|15:15] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Talkback
[29/01/2008|17:38] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\U3
[30/11/2007|21:20] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Uniblue
[22/01/2008|13:08] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\ViStart
[11/11/2005|10:38] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\vlc
[11/11/2005|10:46] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Webshots
[08/02/2008|06:18] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\WinButler
[15/11/2005|22:07] C:\DOCUME~1\Gnampa\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\Gnampa\APPLIC~1\..
[10/11/2005|19:06] C:\DOCUME~1\Gnampa\APPLIC~1\Adobe
[31/10/2007|15:57] C:\DOCUME~1\Gnampa\APPLIC~1\desktop.ini
[02/11/2005|14:18] C:\DOCUME~1\Gnampa\APPLIC~1\DivX
[31/10/2005|20:04] C:\DOCUME~1\Gnampa\APPLIC~1\Identities
[02/11/2005|14:18] C:\DOCUME~1\Gnampa\APPLIC~1\Media Player Classic
[02/11/2005|14:23] C:\DOCUME~1\Gnampa\APPLIC~1\Microsoft
[03/11/2005|17:12] C:\DOCUME~1\Gnampa\APPLIC~1\Real
[05/11/2005|15:18] C:\DOCUME~1\Gnampa\APPLIC~1\Styler
[06/12/2007|09:15] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\$_hpcst$.hpc
[07/02/2008|18:09] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\.
[07/02/2008|18:09] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\..
[08/02/2008|18:24] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\.googlewebacchosts
[30/11/2007|09:12] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Adobe
[04/12/2007|09:21] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Ahead
[04/12/2007|09:17] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Apple Computer
[03/12/2007|02:01] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\AVG7
[17/12/2007|20:58] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Babylon
[11/11/2007|03:38] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\desktop.ini
[04/12/2007|09:20] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\DivX
[07/02/2008|20:03] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Free Upload Manager
[03/12/2007|16:22] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Google
[11/11/2007|10:26] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Identities
[30/11/2007|09:09] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Macromedia
[07/12/2007|22:00] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Microsoft
[30/11/2007|09:05] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Mozilla
[11/11/2005|23:44] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Real
[28/11/2007|15:24] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Tibia
[27/11/2007|12:26] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\VersionTracker Pro
[15/11/2005|22:07] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
[15/11/2005|22:07] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[03/12/2007|01:57] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\.
[03/12/2007|01:57] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\..
[03/12/2007|01:57] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\AVG7
[05/12/2007|06:17] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\Microsoft
[03/12/2007|00:18] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\.
[03/12/2007|00:18] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\..
[03/12/2007|00:18] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\AVG7
[05/12/2007|06:17] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\Microsoft
[26/11/2007|06:59] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\Mozilla
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[28/01/2008 21:22][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job [--270--]
[25/11/2007 17:31][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job [--392--]
[08/02/2008 12:35][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[28/09/2001 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
[08/02/2008 19:26][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job [--254--]
[27/01/2008 08:47][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--282--]
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[08/02/2008|19:29] C:\Program Files\.
[08/02/2008|19:29] C:\Program Files\..
[19/01/2008|18:39] C:\Program Files\.autoreg
[31/10/2007|16:41] C:\Program Files\Adobe
[05/02/2008|05:21] C:\Program Files\Advanced Registry Optimizer
[29/11/2007|06:38] C:\Program Files\Apple Software Update
[05/02/2008|05:06] C:\Program Files\Ares
[07/02/2008|15:10] C:\Program Files\Ascentive
[20/01/2008|18:18] C:\Program Files\AskTBar
[16/01/2008|01:07] C:\Program Files\a-squared Free
[03/02/2008|19:42] C:\Program Files\AtomixMP3
[08/02/2008|00:38] C:\Program Files\Avira
[05/12/2007|06:14] C:\Program Files\AviSynth 2.5
[15/11/2005|13:58] C:\Program Files\AvRack
[11/12/2007|00:05] C:\Program Files\AVS4YOU
[16/12/2007|09:25] C:\Program Files\AVSMedia
[11/11/2007|09:45] C:\Program Files\BearShare Applications
[09/12/2007|02:37] C:\Program Files\BFG
[14/12/2007|18:47] C:\Program Files\BitComet
[19/12/2007|13:43] C:\Program Files\BitDownload
[01/12/2007|09:35] C:\Program Files\BitTorrent
[16/12/2007|23:13] C:\Program Files\BitTorrent Fastest Tool
[01/02/2008|23:23] C:\Program Files\Blagues
[06/12/2007|15:33] C:\Program Files\Carrie the Caregiver
[08/02/2008|00:50] C:\Program Files\CCleaner
[03/11/2005|16:00] C:\Program Files\Copernic Agent
[10/11/2005|18:44] C:\Program Files\CSO-DAX COMPILATOR
[07/02/2008|15:10] C:\Program Files\DAP
[27/12/2007|15:27] C:\Program Files\Doctor Web, Ltd
[29/12/2007|19:02] C:\Program Files\DrWeb
[03/12/2007|02:43] C:\Program Files\EasyPHP1-7
[03/11/2005|15:59] C:\Program Files\EasyPHP1-8
[01/12/2007|01:32] C:\Program Files\eMule
[31/10/2007|16:33] C:\Program Files\eRightSoft
[10/11/2005|23:43] C:\Program Files\ESET
[21/01/2008|21:49] C:\Program Files\F1lzr
[05/12/2007|22:58] C:\Program Files\Fichiers communs
[07/02/2008|17:53] C:\Program Files\Free Download Manager
[16/01/2008|00:32] C:\Program Files\GameTop.com
[01/12/2007|17:21] C:\Program Files\Google
[03/12/2007|00:17] C:\Program Files\Grisoft
[10/11/2005|23:53] C:\Program Files\HHD Software
[07/02/2008|13:13] C:\Program Files\InstallShield Installation Information
[04/02/2008|22:00] C:\Program Files\Internet Explorer
[31/10/2007|16:58] C:\Program Files\iPod
[05/02/2008|05:05] C:\Program Files\iTunes
[10/11/2005|23:38] C:\Program Files\Kaspersky Lab
[15/01/2008|14:04] C:\Program Files\K-Lite Codec Pack
[22/01/2008|13:02] C:\Program Files\LClock
[26/12/2007|14:26] C:\Program Files\Live_TV
[08/02/2008|19:29] C:\Program Files\Lop SD
[05/02/2008|05:06] C:\Program Files\Messenger
[03/11/2005|00:16] C:\Program Files\Micro Application
[05/02/2008|05:06] C:\Program Files\Microsoft ActiveSync
[15/11/2005|22:07] C:\Program Files\microsoft frontpage
[17/11/2005|00:20] C:\Program Files\Microsoft Games
[05/12/2007|22:58] C:\Program Files\Microsoft Office
[12/11/2005|14:11] C:\Program Files\Movie Maker
[14/12/2007|18:47] C:\Program Files\Moyea
[08/02/2008|18:27] C:\Program Files\Mozilla Firefox
[14/12/2007|18:57] C:\Program Files\MSECache
[31/10/2007|14:24] C:\Program Files\MSN
[31/10/2007|14:24] C:\Program Files\MSN Gaming Zone
[05/02/2008|05:05] C:\Program Files\MSN Messenger
[27/11/2007|06:54] C:\Program Files\MSXML 4.0
[31/10/2007|17:14] C:\Program Files\My Drivers
[04/02/2008|23:31] C:\Program Files\Navilog1
[14/01/2008|07:47] C:\Program Files\Neoact
[12/11/2005|16:22] C:\Program Files\Nero
[27/11/2007|06:50] C:\Program Files\NetAccelerator
[31/10/2007|14:26] C:\Program Files\NetMeeting
[28/01/2008|13:40] C:\Program Files\Notepad++
[31/10/2007|14:25] C:\Program Files\Online Services
[03/11/2005|18:18] C:\Program Files\Ontrack
[29/01/2008|15:53] C:\Program Files\Outlook Express
[28/01/2008|19:22] C:\Program Files\Panda Software
[10/11/2005|23:39] C:\Program Files\Pcsx2
[03/11/2005|15:53] C:\Program Files\PDF2Word
[10/11/2005|23:55] C:\Program Files\Personal Media Manager
[10/11/2005|23:35] C:\Program Files\Pinnacle
[16/01/2008|00:46] C:\Program Files\Pool 'm Up
[12/11/2005|13:36] C:\Program Files\PowerQuest
[10/11/2005|23:44] C:\Program Files\PQDVD
[23/11/2007|22:08] C:\Program Files\Project64 1.6
[04/02/2008|22:00] C:\Program Files\QuickTime
[03/11/2005|15:45] C:\Program Files\Real
[31/10/2005|19:51] C:\Program Files\Realtek
[15/11/2005|13:58] C:\Program Files\Realtek AC97
[01/11/2005|09:02] C:\Program Files\Realtek Sound Manager
[03/12/2007|03:37] C:\Program Files\ReflexiveArcade
[01/11/2005|09:35] C:\Program Files\S3
[07/02/2008|13:32] C:\Program Files\Secured eMule
[17/12/2007|06:56] C:\Program Files\Secured_eMule
[31/10/2007|14:27] C:\Program Files\Services en ligne
[29/01/2008|16:43] C:\Program Files\Shareaza
[15/01/2008|19:37] C:\Program Files\Shareaza Applications
[08/02/2008|07:11] C:\Program Files\ShoppingReport
[27/11/2007|14:27] C:\Program Files\Siber Systems
[04/01/2008|03:18] C:\Program Files\SlySoft
[10/11/2005|23:43] C:\Program Files\SmartSound Software
[10/11/2005|23:49] C:\Program Files\Sony Setup
[05/02/2008|05:06] C:\Program Files\Spybot - Search & Destroy
[22/01/2008|13:02] C:\Program Files\Styler
[05/02/2008|05:05] C:\Program Files\SuperCopier2
[02/02/2008|20:26] C:\Program Files\Thomson
[02/02/2008|20:57] C:\Program Files\Thomson SpeedTouch
[17/12/2007|16:14] C:\Program Files\torrent_search
[04/02/2008|21:59] C:\Program Files\Total Video Converter
[02/02/2008|18:37] C:\Program Files\Trend Micro
[22/01/2008|13:02] C:\Program Files\TrueTransparency
[31/10/2007|14:33] C:\Program Files\Uninstall Information
[26/07/2002|17:02] C:\Program Files\UNWISE.EXE
[03/11/2005|15:27] C:\Program Files\Venturi2
[01/11/2005|00:21] C:\Program Files\VIA
[11/11/2005|00:11] C:\Program Files\VideoLAN
[05/02/2008|05:06] C:\Program Files\ViOrb
[05/02/2008|05:05] C:\Program Files\Virtual DJ
[08/12/2007|19:08] C:\Program Files\VirtualDJ
[22/01/2008|13:08] C:\Program Files\Vista Sidebar
[24/11/2007|12:18] C:\Program Files\VistaCodecPack
[22/01/2008|13:08] C:\Program Files\ViStart
[22/01/2008|13:13] C:\Program Files\VisualTooltip
[04/02/2008|22:00] C:\Program Files\Webshots
[25/11/2007|16:21] C:\Program Files\Windows Live
[30/11/2007|19:05] C:\Program Files\Windows Live Favorites
[29/01/2008|16:26] C:\Program Files\Windows Live Toolbar
[25/11/2007|09:09] C:\Program Files\Windows Media Bonus Pack for Windows XP
[31/10/2007|16:42] C:\Program Files\Windows Media Connect 2
[05/02/2008|05:06] C:\Program Files\Windows Media Player
[31/10/2007|14:24] C:\Program Files\Windows NT
[31/10/2007|14:27] C:\Program Files\WindowsUpdate
[22/01/2008|13:30] C:\Program Files\WinFlip
[17/12/2007|19:50] C:\Program Files\WinHTTrack
[04/02/2008|23:38] C:\Program Files\WinRAR
[31/10/2007|14:29] C:\Program Files\xerox
[08/02/2008|00:49] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[05/12/2007|22:58] C:\Program Files\Fichiers communs\.
[05/12/2007|22:58] C:\Program Files\Fichiers communs\..
[31/10/2007|16:43] C:\Program Files\Fichiers communs\Adobe
[12/11/2005|16:24] C:\Program Files\Fichiers communs\Ahead
[16/12/2007|09:27] C:\Program Files\Fichiers communs\AVSMedia
[11/11/2005|00:12] C:\Program Files\Fichiers communs\CIEL
[03/11/2005|16:00] C:\Program Files\Fichiers communs\Copernic
[05/12/2007|22:58] C:\Program Files\Fichiers communs\Designer
[23/11/2007|19:44] C:\Program Files\Fichiers communs\G DATA
[31/10/2005|19:51] C:\Program Files\Fichiers communs\InstallShield
[05/12/2007|22:59] C:\Program Files\Fichiers communs\Microsoft Shared
[31/10/2007|14:26] C:\Program Files\Fichiers communs\MSSoap
[31/10/2007|14:58] C:\Program Files\Fichiers communs\ODBC
[03/11/2005|15:45] C:\Program Files\Fichiers communs\Real
[31/10/2007|14:26] C:\Program Files\Fichiers communs\Services
[31/10/2007|14:58] C:\Program Files\Fichiers communs\SpeechEngines
[24/11/2007|07:29] C:\Program Files\Fichiers communs\System
[25/11/2007|16:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[31/10/2007|17:12] C:\Program Files\Fichiers communs\Wise Installation Wizard
[03/11/2005|15:45] C:\Program Files\Fichiers communs\xing shared
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\PlayFirst
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\PlayFirst\spongebobdash
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Bitdownload
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Bitdownload\Data
C:\Program Files\Bitdownload
C:\Program Files\Bitdownload\BitDownload.TRC
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 19:31:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:126][Doss:14] C:\DOCUME~1\ENYCE~1.ANI\LOCALS~1\Temp
/!\ [Fich:9][Doss:0] C:\DOCUME~1\ENYCE~1.ANI\Cookies
/!\ [Fich:174][Doss:4] C:\DOCUME~1\ENYCE~1.ANI\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:31:53,37 ]----------------------
-----------------------------[ Lop S&D 2.2.8 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Enyce ] [ "C:\Program Files\Lop SD" ]
[ 08/02/2008 | 19:29:47,31 ] [ PC : ANICE ]
[ MAJ : 08-02-2008 | 01:44 ]
-------------[ Listing des dossiers dans Application Data ]------------
[15/11/2005|22:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[11/11/2007|03:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[29/01/2008|16:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[31/10/2007|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[31/10/2007|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[08/02/2008|04:20] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
[08/02/2008|04:20] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
[08/02/2008|02:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\addr_file.html
[02/12/2007|22:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[29/11/2007|06:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[12/11/2005|16:47] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg7
[08/02/2008|00:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[15/11/2005|23:47] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BVRP Software
[11/11/2007|03:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[01/02/2008|11:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Downloaded Installations
[07/02/2008|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\FreeDownloadManager.ORG
[24/11/2007|20:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[30/11/2007|19:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[11/11/2005|10:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Pinnacle
[11/11/2007|10:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\RoboForm
[24/11/2007|12:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[07/02/2008|15:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[09/12/2007|02:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Trymedia
[12/11/2005|16:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[11/11/2007|09:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[17/11/2005|20:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[28/01/2008|23:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[08/02/2008|04:20] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion
[15/11/2005|22:07] C:\DOCUME~1\anice\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\anice\APPLIC~1\..
[31/10/2007|14:58] C:\DOCUME~1\anice\APPLIC~1\desktop.ini
[31/10/2007|14:33] C:\DOCUME~1\anice\APPLIC~1\Identities
[31/10/2007|14:41] C:\DOCUME~1\anice\APPLIC~1\Microsoft
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[31/10/2007|14:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[31/10/2007|14:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
[11/11/2007|03:38] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini
[11/11/2007|05:53] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[24/11/2007|12:17] C:\DOCUME~1\Enyce\APPLIC~1\.
[24/11/2007|12:17] C:\DOCUME~1\Enyce\APPLIC~1\..
[31/10/2007|17:07] C:\DOCUME~1\Enyce\APPLIC~1\Adobe
[03/11/2005|15:52] C:\DOCUME~1\Enyce\APPLIC~1\Apple Computer
[03/11/2005|15:59] C:\DOCUME~1\Enyce\APPLIC~1\BitTorrent
[03/11/2005|15:36] C:\DOCUME~1\Enyce\APPLIC~1\Copernic
[31/10/2007|15:57] C:\DOCUME~1\Enyce\APPLIC~1\desktop.ini
[03/11/2005|15:57] C:\DOCUME~1\Enyce\APPLIC~1\Google
[09/11/2005|18:48] C:\DOCUME~1\Enyce\APPLIC~1\Help
[31/10/2007|16:30] C:\DOCUME~1\Enyce\APPLIC~1\Identities
[03/11/2005|15:39] C:\DOCUME~1\Enyce\APPLIC~1\InstallShield
[03/11/2005|15:54] C:\DOCUME~1\Enyce\APPLIC~1\Macromedia
[09/11/2005|18:43] C:\DOCUME~1\Enyce\APPLIC~1\Microsoft
[03/11/2005|15:32] C:\DOCUME~1\Enyce\APPLIC~1\Mozilla
[03/11/2005|16:15] C:\DOCUME~1\Enyce\APPLIC~1\Real
[04/11/2005|23:36] C:\DOCUME~1\Enyce\APPLIC~1\Stardock
[04/11/2005|23:44] C:\DOCUME~1\Enyce\APPLIC~1\Styler
[03/11/2005|15:50] C:\DOCUME~1\Enyce\APPLIC~1\Talkback
[09/11/2005|18:42] C:\DOCUME~1\Enyce\APPLIC~1\vlc
[31/10/2007|17:05] C:\DOCUME~1\Enyce\APPLIC~1\Webshots
[05/12/2007|21:52] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\$_hpcst$.hpc
[08/02/2008|06:17] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\.
[08/02/2008|06:17] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\..
[08/02/2008|19:05] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\.googlewebacchosts
[02/12/2007|12:30] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Adobe
[02/12/2007|22:47] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AdobeUM
[30/11/2007|21:41] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Ahead
[28/11/2007|02:02] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\aoe3trial_Downloader
[14/11/2005|19:02] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Apple Computer
[03/12/2007|00:18] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AVG7
[04/12/2007|19:15] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AVS4YOU
[16/12/2007|09:27] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\AVSMedia
[16/12/2007|23:13] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\BitDownload
[30/11/2007|06:06] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\BitTorrent
[11/11/2007|09:48] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Copernic
[11/11/2007|03:38] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\desktop.ini
[29/11/2007|16:04] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Dev-Cpp
[16/12/2007|11:48] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\DMCache
[13/12/2007|09:00] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\eMule
[07/02/2008|23:11] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Free Download Manager
[25/11/2007|02:09] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Google
[25/11/2007|00:26] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Help
[11/11/2007|06:46] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Identities
[16/12/2007|11:49] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\IDM
[23/11/2007|21:33] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\InstallShield
[09/12/2007|02:40] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Macromedia
[01/12/2007|10:00] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Media Player Classic
[15/01/2008|21:18] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Microsoft
[28/11/2007|22:37] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Moyea
[24/11/2007|19:35] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Mozilla
[09/12/2007|02:40] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\PlayFirst
[11/11/2005|17:20] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Real
[05/02/2008|05:22] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Sammsoft
[31/01/2008|09:22] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Shareaza
[17/12/2007|06:56] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\ShoppingReport
[08/12/2007|08:09] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Styler
[07/02/2008|15:15] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Talkback
[29/01/2008|17:38] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\U3
[30/11/2007|21:20] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Uniblue
[22/01/2008|13:08] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\ViStart
[11/11/2005|10:38] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\vlc
[11/11/2005|10:46] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Webshots
[08/02/2008|06:18] C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\WinButler
[15/11/2005|22:07] C:\DOCUME~1\Gnampa\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\Gnampa\APPLIC~1\..
[10/11/2005|19:06] C:\DOCUME~1\Gnampa\APPLIC~1\Adobe
[31/10/2007|15:57] C:\DOCUME~1\Gnampa\APPLIC~1\desktop.ini
[02/11/2005|14:18] C:\DOCUME~1\Gnampa\APPLIC~1\DivX
[31/10/2005|20:04] C:\DOCUME~1\Gnampa\APPLIC~1\Identities
[02/11/2005|14:18] C:\DOCUME~1\Gnampa\APPLIC~1\Media Player Classic
[02/11/2005|14:23] C:\DOCUME~1\Gnampa\APPLIC~1\Microsoft
[03/11/2005|17:12] C:\DOCUME~1\Gnampa\APPLIC~1\Real
[05/11/2005|15:18] C:\DOCUME~1\Gnampa\APPLIC~1\Styler
[06/12/2007|09:15] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\$_hpcst$.hpc
[07/02/2008|18:09] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\.
[07/02/2008|18:09] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\..
[08/02/2008|18:24] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\.googlewebacchosts
[30/11/2007|09:12] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Adobe
[04/12/2007|09:21] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Ahead
[04/12/2007|09:17] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Apple Computer
[03/12/2007|02:01] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\AVG7
[17/12/2007|20:58] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Babylon
[11/11/2007|03:38] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\desktop.ini
[04/12/2007|09:20] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\DivX
[07/02/2008|20:03] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Free Upload Manager
[03/12/2007|16:22] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Google
[11/11/2007|10:26] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Identities
[30/11/2007|09:09] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Macromedia
[07/12/2007|22:00] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Microsoft
[30/11/2007|09:05] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Mozilla
[11/11/2005|23:44] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Real
[28/11/2007|15:24] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\Tibia
[27/11/2007|12:26] C:\DOCUME~1\GNAMPA~1.ANI\APPLIC~1\VersionTracker Pro
[15/11/2005|22:07] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.
[15/11/2005|22:07] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
[15/11/2005|22:07] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[03/12/2007|01:57] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\.
[03/12/2007|01:57] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\..
[03/12/2007|01:57] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\AVG7
[05/12/2007|06:17] C:\DOCUME~1\LOCALS~1.000\APPLIC~1\Microsoft
[03/12/2007|00:18] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\.
[03/12/2007|00:18] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\..
[03/12/2007|00:18] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\AVG7
[05/12/2007|06:17] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\Microsoft
[26/11/2007|06:59] C:\DOCUME~1\NETWOR~1.000\APPLIC~1\Mozilla
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[28/01/2008 21:22][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job [--270--]
[25/11/2007 17:31][--a------] C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job [--392--]
[08/02/2008 12:35][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[28/09/2001 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
[08/02/2008 19:26][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job [--254--]
[27/01/2008 08:47][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--282--]
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[08/02/2008|19:29] C:\Program Files\.
[08/02/2008|19:29] C:\Program Files\..
[19/01/2008|18:39] C:\Program Files\.autoreg
[31/10/2007|16:41] C:\Program Files\Adobe
[05/02/2008|05:21] C:\Program Files\Advanced Registry Optimizer
[29/11/2007|06:38] C:\Program Files\Apple Software Update
[05/02/2008|05:06] C:\Program Files\Ares
[07/02/2008|15:10] C:\Program Files\Ascentive
[20/01/2008|18:18] C:\Program Files\AskTBar
[16/01/2008|01:07] C:\Program Files\a-squared Free
[03/02/2008|19:42] C:\Program Files\AtomixMP3
[08/02/2008|00:38] C:\Program Files\Avira
[05/12/2007|06:14] C:\Program Files\AviSynth 2.5
[15/11/2005|13:58] C:\Program Files\AvRack
[11/12/2007|00:05] C:\Program Files\AVS4YOU
[16/12/2007|09:25] C:\Program Files\AVSMedia
[11/11/2007|09:45] C:\Program Files\BearShare Applications
[09/12/2007|02:37] C:\Program Files\BFG
[14/12/2007|18:47] C:\Program Files\BitComet
[19/12/2007|13:43] C:\Program Files\BitDownload
[01/12/2007|09:35] C:\Program Files\BitTorrent
[16/12/2007|23:13] C:\Program Files\BitTorrent Fastest Tool
[01/02/2008|23:23] C:\Program Files\Blagues
[06/12/2007|15:33] C:\Program Files\Carrie the Caregiver
[08/02/2008|00:50] C:\Program Files\CCleaner
[03/11/2005|16:00] C:\Program Files\Copernic Agent
[10/11/2005|18:44] C:\Program Files\CSO-DAX COMPILATOR
[07/02/2008|15:10] C:\Program Files\DAP
[27/12/2007|15:27] C:\Program Files\Doctor Web, Ltd
[29/12/2007|19:02] C:\Program Files\DrWeb
[03/12/2007|02:43] C:\Program Files\EasyPHP1-7
[03/11/2005|15:59] C:\Program Files\EasyPHP1-8
[01/12/2007|01:32] C:\Program Files\eMule
[31/10/2007|16:33] C:\Program Files\eRightSoft
[10/11/2005|23:43] C:\Program Files\ESET
[21/01/2008|21:49] C:\Program Files\F1lzr
[05/12/2007|22:58] C:\Program Files\Fichiers communs
[07/02/2008|17:53] C:\Program Files\Free Download Manager
[16/01/2008|00:32] C:\Program Files\GameTop.com
[01/12/2007|17:21] C:\Program Files\Google
[03/12/2007|00:17] C:\Program Files\Grisoft
[10/11/2005|23:53] C:\Program Files\HHD Software
[07/02/2008|13:13] C:\Program Files\InstallShield Installation Information
[04/02/2008|22:00] C:\Program Files\Internet Explorer
[31/10/2007|16:58] C:\Program Files\iPod
[05/02/2008|05:05] C:\Program Files\iTunes
[10/11/2005|23:38] C:\Program Files\Kaspersky Lab
[15/01/2008|14:04] C:\Program Files\K-Lite Codec Pack
[22/01/2008|13:02] C:\Program Files\LClock
[26/12/2007|14:26] C:\Program Files\Live_TV
[08/02/2008|19:29] C:\Program Files\Lop SD
[05/02/2008|05:06] C:\Program Files\Messenger
[03/11/2005|00:16] C:\Program Files\Micro Application
[05/02/2008|05:06] C:\Program Files\Microsoft ActiveSync
[15/11/2005|22:07] C:\Program Files\microsoft frontpage
[17/11/2005|00:20] C:\Program Files\Microsoft Games
[05/12/2007|22:58] C:\Program Files\Microsoft Office
[12/11/2005|14:11] C:\Program Files\Movie Maker
[14/12/2007|18:47] C:\Program Files\Moyea
[08/02/2008|18:27] C:\Program Files\Mozilla Firefox
[14/12/2007|18:57] C:\Program Files\MSECache
[31/10/2007|14:24] C:\Program Files\MSN
[31/10/2007|14:24] C:\Program Files\MSN Gaming Zone
[05/02/2008|05:05] C:\Program Files\MSN Messenger
[27/11/2007|06:54] C:\Program Files\MSXML 4.0
[31/10/2007|17:14] C:\Program Files\My Drivers
[04/02/2008|23:31] C:\Program Files\Navilog1
[14/01/2008|07:47] C:\Program Files\Neoact
[12/11/2005|16:22] C:\Program Files\Nero
[27/11/2007|06:50] C:\Program Files\NetAccelerator
[31/10/2007|14:26] C:\Program Files\NetMeeting
[28/01/2008|13:40] C:\Program Files\Notepad++
[31/10/2007|14:25] C:\Program Files\Online Services
[03/11/2005|18:18] C:\Program Files\Ontrack
[29/01/2008|15:53] C:\Program Files\Outlook Express
[28/01/2008|19:22] C:\Program Files\Panda Software
[10/11/2005|23:39] C:\Program Files\Pcsx2
[03/11/2005|15:53] C:\Program Files\PDF2Word
[10/11/2005|23:55] C:\Program Files\Personal Media Manager
[10/11/2005|23:35] C:\Program Files\Pinnacle
[16/01/2008|00:46] C:\Program Files\Pool 'm Up
[12/11/2005|13:36] C:\Program Files\PowerQuest
[10/11/2005|23:44] C:\Program Files\PQDVD
[23/11/2007|22:08] C:\Program Files\Project64 1.6
[04/02/2008|22:00] C:\Program Files\QuickTime
[03/11/2005|15:45] C:\Program Files\Real
[31/10/2005|19:51] C:\Program Files\Realtek
[15/11/2005|13:58] C:\Program Files\Realtek AC97
[01/11/2005|09:02] C:\Program Files\Realtek Sound Manager
[03/12/2007|03:37] C:\Program Files\ReflexiveArcade
[01/11/2005|09:35] C:\Program Files\S3
[07/02/2008|13:32] C:\Program Files\Secured eMule
[17/12/2007|06:56] C:\Program Files\Secured_eMule
[31/10/2007|14:27] C:\Program Files\Services en ligne
[29/01/2008|16:43] C:\Program Files\Shareaza
[15/01/2008|19:37] C:\Program Files\Shareaza Applications
[08/02/2008|07:11] C:\Program Files\ShoppingReport
[27/11/2007|14:27] C:\Program Files\Siber Systems
[04/01/2008|03:18] C:\Program Files\SlySoft
[10/11/2005|23:43] C:\Program Files\SmartSound Software
[10/11/2005|23:49] C:\Program Files\Sony Setup
[05/02/2008|05:06] C:\Program Files\Spybot - Search & Destroy
[22/01/2008|13:02] C:\Program Files\Styler
[05/02/2008|05:05] C:\Program Files\SuperCopier2
[02/02/2008|20:26] C:\Program Files\Thomson
[02/02/2008|20:57] C:\Program Files\Thomson SpeedTouch
[17/12/2007|16:14] C:\Program Files\torrent_search
[04/02/2008|21:59] C:\Program Files\Total Video Converter
[02/02/2008|18:37] C:\Program Files\Trend Micro
[22/01/2008|13:02] C:\Program Files\TrueTransparency
[31/10/2007|14:33] C:\Program Files\Uninstall Information
[26/07/2002|17:02] C:\Program Files\UNWISE.EXE
[03/11/2005|15:27] C:\Program Files\Venturi2
[01/11/2005|00:21] C:\Program Files\VIA
[11/11/2005|00:11] C:\Program Files\VideoLAN
[05/02/2008|05:06] C:\Program Files\ViOrb
[05/02/2008|05:05] C:\Program Files\Virtual DJ
[08/12/2007|19:08] C:\Program Files\VirtualDJ
[22/01/2008|13:08] C:\Program Files\Vista Sidebar
[24/11/2007|12:18] C:\Program Files\VistaCodecPack
[22/01/2008|13:08] C:\Program Files\ViStart
[22/01/2008|13:13] C:\Program Files\VisualTooltip
[04/02/2008|22:00] C:\Program Files\Webshots
[25/11/2007|16:21] C:\Program Files\Windows Live
[30/11/2007|19:05] C:\Program Files\Windows Live Favorites
[29/01/2008|16:26] C:\Program Files\Windows Live Toolbar
[25/11/2007|09:09] C:\Program Files\Windows Media Bonus Pack for Windows XP
[31/10/2007|16:42] C:\Program Files\Windows Media Connect 2
[05/02/2008|05:06] C:\Program Files\Windows Media Player
[31/10/2007|14:24] C:\Program Files\Windows NT
[31/10/2007|14:27] C:\Program Files\WindowsUpdate
[22/01/2008|13:30] C:\Program Files\WinFlip
[17/12/2007|19:50] C:\Program Files\WinHTTrack
[04/02/2008|23:38] C:\Program Files\WinRAR
[31/10/2007|14:29] C:\Program Files\xerox
[08/02/2008|00:49] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[05/12/2007|22:58] C:\Program Files\Fichiers communs\.
[05/12/2007|22:58] C:\Program Files\Fichiers communs\..
[31/10/2007|16:43] C:\Program Files\Fichiers communs\Adobe
[12/11/2005|16:24] C:\Program Files\Fichiers communs\Ahead
[16/12/2007|09:27] C:\Program Files\Fichiers communs\AVSMedia
[11/11/2005|00:12] C:\Program Files\Fichiers communs\CIEL
[03/11/2005|16:00] C:\Program Files\Fichiers communs\Copernic
[05/12/2007|22:58] C:\Program Files\Fichiers communs\Designer
[23/11/2007|19:44] C:\Program Files\Fichiers communs\G DATA
[31/10/2005|19:51] C:\Program Files\Fichiers communs\InstallShield
[05/12/2007|22:59] C:\Program Files\Fichiers communs\Microsoft Shared
[31/10/2007|14:26] C:\Program Files\Fichiers communs\MSSoap
[31/10/2007|14:58] C:\Program Files\Fichiers communs\ODBC
[03/11/2005|15:45] C:\Program Files\Fichiers communs\Real
[31/10/2007|14:26] C:\Program Files\Fichiers communs\Services
[31/10/2007|14:58] C:\Program Files\Fichiers communs\SpeechEngines
[24/11/2007|07:29] C:\Program Files\Fichiers communs\System
[25/11/2007|16:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[31/10/2007|17:12] C:\Program Files\Fichiers communs\Wise Installation Wizard
[03/11/2005|15:45] C:\Program Files\Fichiers communs\xing shared
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\PlayFirst
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\PlayFirst\spongebobdash
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Bitdownload
C:\DOCUME~1\ENYCE~1.ANI\APPLIC~1\Bitdownload\Data
C:\Program Files\Bitdownload
C:\Program Files\Bitdownload\BitDownload.TRC
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 19:31:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:126][Doss:14] C:\DOCUME~1\ENYCE~1.ANI\LOCALS~1\Temp
/!\ [Fich:9][Doss:0] C:\DOCUME~1\ENYCE~1.ANI\Cookies
/!\ [Fich:174][Doss:4] C:\DOCUME~1\ENYCE~1.ANI\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:31:53,37 ]----------------------
Er, sorry, several reports were generated, namely:
-run.sed
-ComboDel.txt
-ComboFix.txt
-pend.txt
I don't know which one I should send; in the meantime, here is the ComboFix.txt report. Tell me if I should send any others.
ComboFix 08-01-30.1 - Enyce 2008-02-08 22:30:39.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.32 [GMT 0:00]
Endroit: C:\Documents and Settings\Enyce.ANICE\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Documents and Settings\Enyce.ANICE\Application Data\ShoppingReport
C:\Documents and Settings\Enyce.ANICE\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\Enyce.ANICE\Favoris\.url
C:\Program Files\ShoppingReport
E:\Autorun.inf . . . . Echec de suppression
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-08 to 2008-02-08 ))))))))))))))))))))))))))))))))))))
.
2008-02-08 19:29 . 2008-02-08 19:31 <REP> d-------- C:\Program Files\Lop SD
2008-02-08 04:20 . 2008-02-08 04:20 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2008-02-08 00:49 . 2008-02-08 00:50 <REP> d-------- C:\Program Files\CCleaner
2008-02-08 00:38 . 2008-02-08 00:38 <REP> d-------- C:\Program Files\Avira
2008-02-07 23:36 . 2008-02-08 20:18 <REP> d----c--- C:\Downloads
2008-02-07 18:09 . 2008-02-07 20:03 <REP> d-------- C:\Documents and Settings\Gnampa.ANICE\Application Data\Free Upload Manager
2008-02-07 17:53 . 2008-02-07 17:53 <REP> d-------- C:\Program Files\Free Download Manager
2008-02-07 17:53 . 2008-02-07 23:11 <REP> d-------- C:\Documents and Settings\Enyce.ANICE\Application Data\Free Download Manager
2008-02-07 17:53 . 2008-02-07 17:53 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\FreeDownloadManager.ORG
2008-02-07 15:15 . 2008-02-07 15:15 <REP> d-------- C:\Documents and Settings\Enyce.ANICE\Application Data\Talkback
2008-02-07 13:09 . 2008-02-07 15:10 <REP> d-------- C:\Program Files\Ascentive
2008-02-07 13:09 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 05:22 . 2008-02-05 05:22 <REP> d-------- C:\Documents and Settings\Enyce.ANICE\Application Data\Sammsoft
2008-02-05 05:21 . 2008-02-05 05:21 <REP> d-------- C:\Program Files\Advanced Registry Optimizer
2008-02-03 13:30 . 2007-10-21 10:30 4,461 --a------ C:\WINDOWS\system32\gnc.exe
2008-02-03 02:41 . 2008-02-03 02:42 <REP> d----c--- C:\Nouveau dossier
2008-02-02 21:50 . 2008-02-03 12:25 3,486 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-02 21:49 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-02 21:49 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-02 21:49 . 2008-02-02 00:55 83,456 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-02 21:49 . 2008-01-27 14:37 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-02 21:49 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-02 21:49 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-02 21:37 . 2008-02-04 23:31 <REP> d-------- C:\Program Files\Navilog1
2008-02-02 19:57 . 2008-02-02 20:26 <REP> d-------- C:\Program Files\Thomson
2008-02-02 18:37 . 2008-02-02 18:37 <REP> d-------- C:\Program Files\Trend Micro
2008-02-01 11:32 . 2008-02-01 11:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Downloaded Installations
2008-01-31 19:24 . 2008-01-31 19:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-31 19:24 . 2008-01-31 19:24 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-31 13:35 . 2008-01-31 13:35 8,571 --a------ C:\grab00000.jpg
2008-01-30 20:38 . 2008-02-05 05:06 <REP> d-------- C:\CreativesFiles
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-01-29 16:45 . 2007-11-11 05:49 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-01-29 16:45 . 2005-11-15 22:07 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-01-29 16:45 . 2005-11-15 22:07 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-01-28 19:22 . 2008-01-28 19:22 <REP> d-------- C:\Program Files\Panda Software
2008-01-28 13:35 . 2008-01-28 13:40 <REP> d-------- C:\Program Files\Notepad++
2008-01-22 13:02 . 2008-01-22 13:30 <REP> d-------- C:\Program Files\WinFlip
2008-01-22 13:02 . 2008-01-22 13:13 <REP> d-------- C:\Program Files\VisualTooltip
2008-01-22 13:02 . 2008-01-22 13:08 <REP> d-------- C:\Program Files\ViStart
2008-01-22 13:02 . 2008-01-22 13:08 <REP> d-------- C:\Program Files\Vista Sidebar
2008-01-22 13:02 . 2008-02-05 05:06 <REP> d-------- C:\Program Files\ViOrb
2008-01-22 13:02 . 2008-01-22 13:02 <REP> d-------- C:\Program Files\TrueTransparency
2008-01-22 13:02 . 2008-01-22 13:02 <REP> d-------- C:\Program Files\LClock
2008-01-22 13:02 . 2007-04-15 01:32 7,333,376 --a------ C:\WINDOWS\system32\vistaui.exe
2008-01-22 13:02 . 2006-12-11 01:15 498,176 --a------ C:\WINDOWS\system32\logon.scr
2008-01-22 13:02 . 2004-09-20 01:27 172,032 --a------ C:\WINDOWS\system32\LClock.cpl
2008-01-22 13:02 . 2007-11-25 22:11 49,208 --a------ C:\WINDOWS\system32\vistartup.bmp
2008-01-22 12:57 . 2008-01-22 12:57 161,862 --a------ C:\WINDOWS\Icon_2.ico
2008-01-21 20:57 . 2008-01-21 21:49 <REP> d-------- C:\Program Files\F1lzr
2008-01-21 20:57 . 2008-02-01 23:23 <REP> d-------- C:\Program Files\Blagues
2008-01-21 20:57 . 1996-11-06 13:04 302,592 --a------ C:\WINDOWS\unin040c.exe
2008-01-21 20:57 . 1999-02-18 01:22 44,544 --a------ C:\WINDOWS\system32\Gif89.dll
2008-01-21 20:42 . 2008-01-21 20:42 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-20 18:21 . 2008-02-08 00:38 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-01-20 18:18 . 2008-01-20 18:18 <REP> d-------- C:\Program Files\AskTBar
2008-01-17 21:24 . 2008-02-04 21:59 <REP> d-------- C:\Program Files\Total Video Converter
2008-01-16 00:46 . 2008-01-16 00:46 <REP> d-------- C:\Program Files\Pool 'm Up
2008-01-16 00:46 . 2008-01-23 21:38 867 --a------ C:\WINDOWS\Poolemup.ini
2008-01-16 00:32 . 2008-01-16 00:32 <REP> d-------- C:\Program Files\GameTop.com
2008-01-15 19:37 . 2008-01-15 19:37 <REP> d-------- C:\Program Files\Shareaza Applications
2008-01-15 14:03 . 2008-01-15 14:04 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-14 07:47 . 2008-01-14 07:47 <REP> d-------- C:\Program Files\Neoact
2008-01-14 07:47 . 2006-08-16 21:27 139,264 --a------ C:\WINDOWS\NeoUninstall.exe
2008-01-14 07:47 . 2008-01-14 07:47 26 --a------ C:\WINDOWS\neosetup.INI
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 06:18 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\WinButler
2008-02-08 00:49 --------- d-----w C:\Program Files\Yahoo!
2008-02-07 15:10 --------- d-----w C:\Program Files\DAP
2008-02-07 15:07 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-02-07 13:32 --------- d-----w C:\Program Files\Secured eMule
2008-02-07 13:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 05:06 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-02-05 05:06 --------- d-----w C:\Program Files\Ares
2008-02-05 05:05 --------- d-----w C:\Program Files\Virtual DJ
2008-02-05 05:05 --------- d-----w C:\Program Files\SuperCopier2
2008-02-05 05:05 --------- d-----w C:\Program Files\MSN Messenger
2008-02-05 05:05 --------- d-----w C:\Program Files\iTunes
2008-02-04 22:00 --------- d-----w C:\Program Files\Webshots
2008-02-04 22:00 --------- d-----w C:\Program Files\QuickTime
2008-02-03 19:42 --------- d-----w C:\Program Files\AtomixMP3
2008-02-02 20:57 --------- d-----w C:\Program Files\Thomson SpeedTouch
2008-01-31 09:22 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\Shareaza
2008-01-29 17:38 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\U3
2008-01-29 16:43 --------- d-----w C:\Program Files\Shareaza
2008-01-29 16:26 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\RoboForm
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\AVS4YOU
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7
2008-01-22 13:08 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\ViStart
2008-01-22 13:02 --------- d-----w C:\Program Files\Styler
2008-01-19 18:39 10 ----a-w C:\Program Files\.autoreg
2008-01-16 01:07 --------- d-----w C:\Program Files\a-squared Free
2008-01-04 03:18 --------- d-----w C:\Program Files\SlySoft
2007-12-29 19:02 --------- d-----w C:\Program Files\DrWeb
2007-12-28 03:50 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-12-27 15:27 --------- d-----w C:\Program Files\Doctor Web, Ltd
2007-12-26 14:26 --------- d-----w C:\Program Files\Live_TV
2007-12-19 13:43 --------- d-----w C:\Program Files\BitDownload
2007-12-17 20:58 --------- d-----w C:\Documents and Settings\Gnampa.ANICE\Application Data\Babylon
2007-12-17 19:50 --------- d-----w C:\Program Files\WinHTTrack
2007-12-17 16:14 --------- d-----w C:\Program Files\torrent_search
2007-12-17 06:56 --------- d-----w C:\Program Files\Secured_eMule
2007-12-16 23:13 --------- d-----w C:\Program Files\BitTorrent Fastest Tool
2007-12-16 23:13 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\BitDownload
2007-12-16 11:49 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\IDM
2007-12-16 11:48 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\DMCache
2007-12-16 09:27 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2007-12-16 09:27 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\AVSMedia
2007-12-16 09:25 --------- d-----w C:\Program Files\AVSMedia
2007-12-14 18:57 --------- d-----w C:\Program Files\MSECache
2007-12-14 18:47 --------- d-----w C:\Program Files\Moyea
2007-12-14 18:47 --------- d-----w C:\Program Files\BitComet
2007-12-13 09:00 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\eMule
2007-12-11 00:05 --------- d-----w C:\Program Files\AVS4YOU
2007-12-09 02:40 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\PlayFirst
2007-12-09 02:38 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
2007-12-09 02:37 --------- d-----w C:\Program Files\BFG
2007-12-08 19:08 --------- d-----w C:\Program Files\VirtualDJ
2007-12-08 08:09 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\Styler
2007-12-06 11:08 720,896 ----a-w C:\WINDOWS\iun6002ev.exe
2007-11-23 21:32 14,338,496 ----a-w C:\drweb-444-win-fr.exe
2002-07-26 17:02 153,088 ----a-w C:\Program Files\UNWISE.EXE
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7}]
2007-05-27 13:17 1326104 --a------ C:\Program Files\Secured_eMule\tbSecu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}
{B69A9DB4-D0A1-4722-B56B-F20757A29CDF}
{1D1B60FD-B21F-4B9A-8A5F-64E8544828D7}
{F14B0CCD-AA41-4406-AB68-C5DE9D85B4A3}
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75}
[HKEY_CLASSES_ROOT\clsid\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{1D1B60FD-B21F-4B9A-8A5F-64E8544828D7}"= C:\Program Files\Secured_eMule\tbSecu.dll [2007-05-27 13:17 1326104]
[HKEY_CLASSES_ROOT\clsid\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 16:45 1052672]
"RocketDock"="C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe" [2006-05-14 20:47 344064]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25 94208]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24 1694208]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-30 20:43 68856]
"ViOrb"="C:\Program Files\ViOrb\ViOrb.exe" [2007-11-19 13:01 163840]
"WinButler"="C:\Documents and Settings\Enyce.ANICE\Application Data\WinButler\WinButler.exe" [ ]
"IDMan"="D:\Internet Download Manager\IDMan.exe" [ ]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-05-04 00:32 961024]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 19:44 1200128]
"Shareaza"="C:\CreativesFiles\Shareaza.exe" [2008-01-01 17:49 4739072]
"AROReminder"="C:\Program Files\Advanced Registry Optimizer\aro.exe" [2007-07-23 09:34 2084480]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"Performance Center"="C:\Program Files\Ascentive\Performance Center\ApcMain.exe" [2007-08-06 12:51 3039232]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-01-29 21:12 2449455]
"eMuleAutoStart"="E:\eMule\emule.exe" [2007-05-13 14:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-11-11 10:35 185632]
"RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-04-26 03:22 589824]
"VTTimer"="VTTimer.exe" [2005-03-07 12:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-03-11 02:33 147456 C:\WINDOWS\system32\VTTrayp.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 16:51 257088]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 13:42 77824 C:\WINDOWS\soundman.exe]
"SpeedBitVideoAccelerator"="E:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" [ ]
"Userinit"="C:\WINDOWS\system32\cologsver.exe" [ ]
"mobiswing"="C:\PROGRA~1\VIRTUA~2\VDJP.exe" [2007-11-25 17:58 36864]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 19:21 57344]
"Barsaka"="e explorer.exe" []
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38 866816]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-08 02:28 249896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogOff"= 1 (0x1)
"NoSetFolders"= 1 (0x1)
"DisallowRun"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys [2005-04-26 03:22]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-19 16:10]
S2 sbbotdi;sbbotdi;E:\PROGRA~1\SPEEDB~1\sbbotdi.sys []
S2 VideoAcceleratorService;VideoAcceleratorService;E:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start []
S3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys []
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
S3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
S3 ST330;ST330;C:\WINDOWS\system32\drivers\st330.sys [2005-11-17 13:17]
S3 STBUS;STBUS;C:\WINDOWS\system32\drivers\stbus.sys [2005-11-17 13:17]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\steth.sys [2007-11-23 19:52]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\i.cmd
\Shell\explore\Command - C:\i.cmd
\Shell\open\Command - C:\i.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\i.cmd
\Shell\explore\Command - E:\i.cmd
\Shell\open\Command - E:\i.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0310e481-9ce4-11dc-afb5-000e509ec6d9}]
\Shell\AutoOpen\command - H:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03443dae-58fd-11da-9da8-000e509ec6d9}]
\Shell\Auto\command - H:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b00dc4-b65a-11dc-bc5b-000e509ec6d9}]
\Shell\AutoRun\command - D:\fooool.exe
\Shell\explore\Command - D:\fooool.exe
\Shell\open\Command - D:\fooool.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0dd59e6b-5481-11da-8147-000e509ec6d9}]
\Shell\Auto\command - D:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a65b4b6-ba0e-11dc-b247-000e509ec6d9}]
\Shell\AutoRun\command - D:\awda2.exe
\Shell\explore\Command - D:\awda2.exe
\Shell\open\Command - D:\awda2.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27c86dc8-579b-11da-8af5-000e509ec6d9}]
\Shell\Auto\command - I:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{49a4c0d6-9de7-11dc-afba-000e509ec6d9}]
\Shell\Auto\command - wscript "Sex City.jpg.wsf"
-run.sed
-ComboDel.txt
-ComboFix.txt
-pend.txt
I don't know which one I should send; in the meantime, here is the ComboFix.txt report. Tell me if I should send any others.
ComboFix 08-01-30.1 - Enyce 2008-02-08 22:30:39.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.32 [GMT 0:00]
Endroit: C:\Documents and Settings\Enyce.ANICE\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Documents and Settings\Enyce.ANICE\Application Data\ShoppingReport
C:\Documents and Settings\Enyce.ANICE\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\Enyce.ANICE\Favoris\.url
C:\Program Files\ShoppingReport
E:\Autorun.inf . . . . Echec de suppression
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-08 to 2008-02-08 ))))))))))))))))))))))))))))))))))))
.
2008-02-08 19:29 . 2008-02-08 19:31 <REP> d-------- C:\Program Files\Lop SD
2008-02-08 04:20 . 2008-02-08 04:20 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2008-02-08 00:49 . 2008-02-08 00:50 <REP> d-------- C:\Program Files\CCleaner
2008-02-08 00:38 . 2008-02-08 00:38 <REP> d-------- C:\Program Files\Avira
2008-02-07 23:36 . 2008-02-08 20:18 <REP> d----c--- C:\Downloads
2008-02-07 18:09 . 2008-02-07 20:03 <REP> d-------- C:\Documents and Settings\Gnampa.ANICE\Application Data\Free Upload Manager
2008-02-07 17:53 . 2008-02-07 17:53 <REP> d-------- C:\Program Files\Free Download Manager
2008-02-07 17:53 . 2008-02-07 23:11 <REP> d-------- C:\Documents and Settings\Enyce.ANICE\Application Data\Free Download Manager
2008-02-07 17:53 . 2008-02-07 17:53 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\FreeDownloadManager.ORG
2008-02-07 15:15 . 2008-02-07 15:15 <REP> d-------- C:\Documents and Settings\Enyce.ANICE\Application Data\Talkback
2008-02-07 13:09 . 2008-02-07 15:10 <REP> d-------- C:\Program Files\Ascentive
2008-02-07 13:09 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 05:22 . 2008-02-05 05:22 <REP> d-------- C:\Documents and Settings\Enyce.ANICE\Application Data\Sammsoft
2008-02-05 05:21 . 2008-02-05 05:21 <REP> d-------- C:\Program Files\Advanced Registry Optimizer
2008-02-03 13:30 . 2007-10-21 10:30 4,461 --a------ C:\WINDOWS\system32\gnc.exe
2008-02-03 02:41 . 2008-02-03 02:42 <REP> d----c--- C:\Nouveau dossier
2008-02-02 21:50 . 2008-02-03 12:25 3,486 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-02 21:49 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-02 21:49 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-02 21:49 . 2008-02-02 00:55 83,456 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-02 21:49 . 2008-01-27 14:37 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-02 21:49 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-02 21:49 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-02 21:37 . 2008-02-04 23:31 <REP> d-------- C:\Program Files\Navilog1
2008-02-02 19:57 . 2008-02-02 20:26 <REP> d-------- C:\Program Files\Thomson
2008-02-02 18:37 . 2008-02-02 18:37 <REP> d-------- C:\Program Files\Trend Micro
2008-02-01 11:32 . 2008-02-01 11:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Downloaded Installations
2008-01-31 19:24 . 2008-01-31 19:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-31 19:24 . 2008-01-31 19:24 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-31 13:35 . 2008-01-31 13:35 8,571 --a------ C:\grab00000.jpg
2008-01-30 20:38 . 2008-02-05 05:06 <REP> d-------- C:\CreativesFiles
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-01-29 16:45 . 2007-11-11 05:49 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-01-29 16:45 . 2005-11-15 22:07 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-01-29 16:45 . 2007-11-11 03:38 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-01-29 16:45 . 2005-11-15 22:07 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-01-28 19:22 . 2008-01-28 19:22 <REP> d-------- C:\Program Files\Panda Software
2008-01-28 13:35 . 2008-01-28 13:40 <REP> d-------- C:\Program Files\Notepad++
2008-01-22 13:02 . 2008-01-22 13:30 <REP> d-------- C:\Program Files\WinFlip
2008-01-22 13:02 . 2008-01-22 13:13 <REP> d-------- C:\Program Files\VisualTooltip
2008-01-22 13:02 . 2008-01-22 13:08 <REP> d-------- C:\Program Files\ViStart
2008-01-22 13:02 . 2008-01-22 13:08 <REP> d-------- C:\Program Files\Vista Sidebar
2008-01-22 13:02 . 2008-02-05 05:06 <REP> d-------- C:\Program Files\ViOrb
2008-01-22 13:02 . 2008-01-22 13:02 <REP> d-------- C:\Program Files\TrueTransparency
2008-01-22 13:02 . 2008-01-22 13:02 <REP> d-------- C:\Program Files\LClock
2008-01-22 13:02 . 2007-04-15 01:32 7,333,376 --a------ C:\WINDOWS\system32\vistaui.exe
2008-01-22 13:02 . 2006-12-11 01:15 498,176 --a------ C:\WINDOWS\system32\logon.scr
2008-01-22 13:02 . 2004-09-20 01:27 172,032 --a------ C:\WINDOWS\system32\LClock.cpl
2008-01-22 13:02 . 2007-11-25 22:11 49,208 --a------ C:\WINDOWS\system32\vistartup.bmp
2008-01-22 12:57 . 2008-01-22 12:57 161,862 --a------ C:\WINDOWS\Icon_2.ico
2008-01-21 20:57 . 2008-01-21 21:49 <REP> d-------- C:\Program Files\F1lzr
2008-01-21 20:57 . 2008-02-01 23:23 <REP> d-------- C:\Program Files\Blagues
2008-01-21 20:57 . 1996-11-06 13:04 302,592 --a------ C:\WINDOWS\unin040c.exe
2008-01-21 20:57 . 1999-02-18 01:22 44,544 --a------ C:\WINDOWS\system32\Gif89.dll
2008-01-21 20:42 . 2008-01-21 20:42 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-20 18:21 . 2008-02-08 00:38 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-01-20 18:18 . 2008-01-20 18:18 <REP> d-------- C:\Program Files\AskTBar
2008-01-17 21:24 . 2008-02-04 21:59 <REP> d-------- C:\Program Files\Total Video Converter
2008-01-16 00:46 . 2008-01-16 00:46 <REP> d-------- C:\Program Files\Pool 'm Up
2008-01-16 00:46 . 2008-01-23 21:38 867 --a------ C:\WINDOWS\Poolemup.ini
2008-01-16 00:32 . 2008-01-16 00:32 <REP> d-------- C:\Program Files\GameTop.com
2008-01-15 19:37 . 2008-01-15 19:37 <REP> d-------- C:\Program Files\Shareaza Applications
2008-01-15 14:03 . 2008-01-15 14:04 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-14 07:47 . 2008-01-14 07:47 <REP> d-------- C:\Program Files\Neoact
2008-01-14 07:47 . 2006-08-16 21:27 139,264 --a------ C:\WINDOWS\NeoUninstall.exe
2008-01-14 07:47 . 2008-01-14 07:47 26 --a------ C:\WINDOWS\neosetup.INI
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 06:18 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\WinButler
2008-02-08 00:49 --------- d-----w C:\Program Files\Yahoo!
2008-02-07 15:10 --------- d-----w C:\Program Files\DAP
2008-02-07 15:07 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-02-07 13:32 --------- d-----w C:\Program Files\Secured eMule
2008-02-07 13:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 05:06 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-02-05 05:06 --------- d-----w C:\Program Files\Ares
2008-02-05 05:05 --------- d-----w C:\Program Files\Virtual DJ
2008-02-05 05:05 --------- d-----w C:\Program Files\SuperCopier2
2008-02-05 05:05 --------- d-----w C:\Program Files\MSN Messenger
2008-02-05 05:05 --------- d-----w C:\Program Files\iTunes
2008-02-04 22:00 --------- d-----w C:\Program Files\Webshots
2008-02-04 22:00 --------- d-----w C:\Program Files\QuickTime
2008-02-03 19:42 --------- d-----w C:\Program Files\AtomixMP3
2008-02-02 20:57 --------- d-----w C:\Program Files\Thomson SpeedTouch
2008-01-31 09:22 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\Shareaza
2008-01-29 17:38 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\U3
2008-01-29 16:43 --------- d-----w C:\Program Files\Shareaza
2008-01-29 16:26 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\RoboForm
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\AVS4YOU
2008-01-28 23:36 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7
2008-01-22 13:08 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\ViStart
2008-01-22 13:02 --------- d-----w C:\Program Files\Styler
2008-01-19 18:39 10 ----a-w C:\Program Files\.autoreg
2008-01-16 01:07 --------- d-----w C:\Program Files\a-squared Free
2008-01-04 03:18 --------- d-----w C:\Program Files\SlySoft
2007-12-29 19:02 --------- d-----w C:\Program Files\DrWeb
2007-12-28 03:50 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-12-27 15:27 --------- d-----w C:\Program Files\Doctor Web, Ltd
2007-12-26 14:26 --------- d-----w C:\Program Files\Live_TV
2007-12-19 13:43 --------- d-----w C:\Program Files\BitDownload
2007-12-17 20:58 --------- d-----w C:\Documents and Settings\Gnampa.ANICE\Application Data\Babylon
2007-12-17 19:50 --------- d-----w C:\Program Files\WinHTTrack
2007-12-17 16:14 --------- d-----w C:\Program Files\torrent_search
2007-12-17 06:56 --------- d-----w C:\Program Files\Secured_eMule
2007-12-16 23:13 --------- d-----w C:\Program Files\BitTorrent Fastest Tool
2007-12-16 23:13 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\BitDownload
2007-12-16 11:49 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\IDM
2007-12-16 11:48 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\DMCache
2007-12-16 09:27 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2007-12-16 09:27 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\AVSMedia
2007-12-16 09:25 --------- d-----w C:\Program Files\AVSMedia
2007-12-14 18:57 --------- d-----w C:\Program Files\MSECache
2007-12-14 18:47 --------- d-----w C:\Program Files\Moyea
2007-12-14 18:47 --------- d-----w C:\Program Files\BitComet
2007-12-13 09:00 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\eMule
2007-12-11 00:05 --------- d-----w C:\Program Files\AVS4YOU
2007-12-09 02:40 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\PlayFirst
2007-12-09 02:38 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
2007-12-09 02:37 --------- d-----w C:\Program Files\BFG
2007-12-08 19:08 --------- d-----w C:\Program Files\VirtualDJ
2007-12-08 08:09 --------- d-----w C:\Documents and Settings\Enyce.ANICE\Application Data\Styler
2007-12-06 11:08 720,896 ----a-w C:\WINDOWS\iun6002ev.exe
2007-11-23 21:32 14,338,496 ----a-w C:\drweb-444-win-fr.exe
2002-07-26 17:02 153,088 ----a-w C:\Program Files\UNWISE.EXE
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7}]
2007-05-27 13:17 1326104 --a------ C:\Program Files\Secured_eMule\tbSecu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}
{B69A9DB4-D0A1-4722-B56B-F20757A29CDF}
{1D1B60FD-B21F-4B9A-8A5F-64E8544828D7}
{F14B0CCD-AA41-4406-AB68-C5DE9D85B4A3}
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75}
[HKEY_CLASSES_ROOT\clsid\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{1D1B60FD-B21F-4B9A-8A5F-64E8544828D7}"= C:\Program Files\Secured_eMule\tbSecu.dll [2007-05-27 13:17 1326104]
[HKEY_CLASSES_ROOT\clsid\{1d1b60fd-b21f-4b9a-8a5f-64e8544828d7}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 16:45 1052672]
"RocketDock"="C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe" [2006-05-14 20:47 344064]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25 94208]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24 1694208]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-30 20:43 68856]
"ViOrb"="C:\Program Files\ViOrb\ViOrb.exe" [2007-11-19 13:01 163840]
"WinButler"="C:\Documents and Settings\Enyce.ANICE\Application Data\WinButler\WinButler.exe" [ ]
"IDMan"="D:\Internet Download Manager\IDMan.exe" [ ]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-05-04 00:32 961024]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 19:44 1200128]
"Shareaza"="C:\CreativesFiles\Shareaza.exe" [2008-01-01 17:49 4739072]
"AROReminder"="C:\Program Files\Advanced Registry Optimizer\aro.exe" [2007-07-23 09:34 2084480]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"Performance Center"="C:\Program Files\Ascentive\Performance Center\ApcMain.exe" [2007-08-06 12:51 3039232]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-01-29 21:12 2449455]
"eMuleAutoStart"="E:\eMule\emule.exe" [2007-05-13 14:57 5308416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-11-11 10:35 185632]
"RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-04-26 03:22 589824]
"VTTimer"="VTTimer.exe" [2005-03-07 12:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-03-11 02:33 147456 C:\WINDOWS\system32\VTTrayp.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 16:51 257088]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 13:42 77824 C:\WINDOWS\soundman.exe]
"SpeedBitVideoAccelerator"="E:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" [ ]
"Userinit"="C:\WINDOWS\system32\cologsver.exe" [ ]
"mobiswing"="C:\PROGRA~1\VIRTUA~2\VDJP.exe" [2007-11-25 17:58 36864]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 19:21 57344]
"Barsaka"="e explorer.exe" []
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38 866816]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-08 02:28 249896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogOff"= 1 (0x1)
"NoSetFolders"= 1 (0x1)
"DisallowRun"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys [2005-04-26 03:22]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-19 16:10]
S2 sbbotdi;sbbotdi;E:\PROGRA~1\SPEEDB~1\sbbotdi.sys []
S2 VideoAcceleratorService;VideoAcceleratorService;E:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start []
S3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys []
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
S3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
S3 ST330;ST330;C:\WINDOWS\system32\drivers\st330.sys [2005-11-17 13:17]
S3 STBUS;STBUS;C:\WINDOWS\system32\drivers\stbus.sys [2005-11-17 13:17]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\steth.sys [2007-11-23 19:52]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\i.cmd
\Shell\explore\Command - C:\i.cmd
\Shell\open\Command - C:\i.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\i.cmd
\Shell\explore\Command - E:\i.cmd
\Shell\open\Command - E:\i.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0310e481-9ce4-11dc-afb5-000e509ec6d9}]
\Shell\AutoOpen\command - H:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03443dae-58fd-11da-9da8-000e509ec6d9}]
\Shell\Auto\command - H:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07b00dc4-b65a-11dc-bc5b-000e509ec6d9}]
\Shell\AutoRun\command - D:\fooool.exe
\Shell\explore\Command - D:\fooool.exe
\Shell\open\Command - D:\fooool.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0dd59e6b-5481-11da-8147-000e509ec6d9}]
\Shell\Auto\command - D:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a65b4b6-ba0e-11dc-b247-000e509ec6d9}]
\Shell\AutoRun\command - D:\awda2.exe
\Shell\explore\Command - D:\awda2.exe
\Shell\open\Command - D:\awda2.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27c86dc8-579b-11da-8af5-000e509ec6d9}]
\Shell\Auto\command - I:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{49a4c0d6-9de7-11dc-afba-000e509ec6d9}]
\Shell\Auto\command - wscript "Sex City.jpg.wsf"
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4da81968-b22a-11dc-9d8f-000e509ec6d9}]
\Shell\AutoRun\command - H:\fooool.exe
\Shell\explore\Command - H:\fooool.exe
\Shell\open\Command - H:\fooool.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e02bfc5-56cc-11da-8ae9-000e509ec6d9}]
\Shell\AutoOpen\command - K:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e5a7e08-b9e7-11dc-bc67-000e509ec6d9}]
\Shell\Auto\command - wscript "Sex City.jpg.wsf"
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70041877-55d5-11da-814b-0016ec69bd1d}]
\Shell\AutoRun\command - F:\ntde1ect.com
\Shell\explore\Command - F:\ntde1ect.com
\Shell\open\Command - F:\ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{808ecb3e-d272-11dc-bebf-000e509ec6d9}]
\Shell\AutoRun\command - F:\i.cmd
\Shell\explore\Command - F:\i.cmd
\Shell\open\Command - F:\i.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8092ac20-52ce-11da-99f5-0016ec69bd1d}]
\Shell\Auto\command - H:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8092b1ef-52ce-11da-99f5-0016ec69bd1d}]
\Shell\Auto\command - H:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac493902-a031-11dc-afd0-000e509ec6d9}]
\Shell\Auto\command - wscript "Sex City.jpg.wsf"
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad166175-590d-11da-9da9-000e509ec6d9}]
\Shell\Auto\command - D:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b21d0dc0-9e90-11dc-afc5-000e509ec6d9}]
\Shell\AutoRun\command - F:\xn1i9x.com
\Shell\explore\Command - F:\xn1i9x.com
\Shell\open\Command - F:\xn1i9x.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb1ee985-55e0-11da-8150-000e509ec6d9}]
\Shell\Auto\command - D:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e835578e-d35e-11dc-92c6-806d6172696f}]
\Shell\AutoRun\command - D:\i.cmd
\Shell\explore\Command - D:\i.cmd
\Shell\open\Command - D:\i.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1c74b22-9f24-11dc-afc9-000e509ec6d9}]
\Shell\AutoRun\command - i.cmd
\Shell\explore\Command - i.cmd
\Shell\open\Command - i.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb890658-5464-11da-8145-806d6172696f}]
\Shell\Auto\command - D:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb890659-5464-11da-8145-806d6172696f}]
\Shell\Auto\command - I:\auto.exe
\Shell\AutoOpen\command - I:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-27 08:47:46 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-28 21:22:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2007-11-25 17:31:34 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-02-08 22:26:03 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
Hello Ep44
HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:27, on 2008-02-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\VIRTUA~2\VDJP.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ViOrb\ViOrb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\CreativesFiles\Shareaza.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Ascentive\Performance Center\ApcMain.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
E:\eMule\emule.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
R3 - URLSearchHook: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll
R3 - URLSearchHook: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\CreativesFiles\Plugins\RazaWebHook.dll
O2 - BHO: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O3 - Toolbar: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll
O3 - Toolbar: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "E:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [Userinit] C:\WINDOWS\system32\cologsver.exe
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\VIRTUA~2\VDJP.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Barsaka] e explorer.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe
O4 - HKCU\..\Run: [WinButler] C:\Documents and Settings\Enyce.ANICE\Application Data\WinButler\WinButler.exe
O4 - HKCU\..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Shareaza] "C:\CreativesFiles\Shareaza.exe" -tray
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [eMuleAutoStart] E:\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download all links with IDM - D:\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with &Shareaza - res://C:\CreativesFiles\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB0F1B17-7C77-4958-BA40-6EDD59D700A7}: NameServer = 206.82.130.195 209.244.0.3
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - D:\Ares\chatServer.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VideoAcceleratorService - Unknown owner - E:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.bahai-biblio.org/...
and the clean report:
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 2008-02-09 a 13:35:41.60
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
Now we're going to run an online scan
with BitDefender; paste the report here.
https://www.bitdefender.com/toolbox/
A tutorial:
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
See you later