privacy_danger problem... help!!

armmani - Posts: 29 - Status: Member
Hello,
I get an error message that keeps popping up... 'file:///c:/windows/privacy_danger/index.htm' file not found.... it's a nightmare, my desktop is completely white.. I can't set a wallpaper.. and my PC is very slow..
Can anyone help me??

Thanks in advance..
Configuration: Windows XP
Internet Explorer 7.0

16 replies

  1. Destrio5 - Posts: 99820 - Status: Moderator

    Hi,

    - Download SmitfraudFix (by S!Ri, balltrap34 and moe31):
    http://siri.urz.free.fr/Fix/SmitfraudFix.exe or http://www.geekstogo.com/forum/files/file/6-smitfraudfix/

    - Save it to the desktop

    - Double-click SmitfraudFix.exe, choose option 1, then press Enter

    - A report will be generated; post it in your next reply.

    [*] process.exe is detected by some antivirus programs as a risktool. It is not a virus but a utility used to terminate processes.[*]

    ** Only do step 2 if you are asked to; the first SmitfraudFix report has to be examined first
  2. armmani - Posts: 29 - Status: Member

    here is the report... sorry... it is taking a while, my PC is extremely slow...

    SmitFraudFix v2.329

    Rapport fait à 20:52:08.14, 2008-07-08
    Executé à partir de C:\Documents and Settings\ludo\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
    C:\Program Files\Securitoo\av_fw\fswsclds.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\CASIO\Photo Loader\Plauto.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    Fichier hosts corrompu !

    127.0.0.1 www.legal-at-spybot.info
    127.0.0.1 legal-at-spybot.info

    »»»»»»»»»»»»»»»»»»»»»»»» C:\

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ludo

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ludo\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ludo\Favoris

    »»»»»»»»»»»»»»»»»»»»»»»» Bureau

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
    "SubscribedURL"=""
    "FriendlyName"="Privacy Protection"

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Rustock

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: 802.11 USB Wireless LAN Adapter #3 - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.1.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{B6C01047-2B33-435F-8F11-AE708B822CE9}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{B6C01047-2B33-435F-8F11-AE708B822CE9}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{B6C01047-2B33-435F-8F11-AE708B822CE9}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin
  3. Destrio5 - Posts: 99820 - Status: Moderator

    - Restart your computer in safe mode:
    https://blog.sosordi.net/

    - Double-click SmitfraudFix.exe, choose option 2, then press Enter

    - Answer O (oui) to these two questions if they are asked:

    Voulez-vous nettoyer le registre ?
    Corriger le fichier infecté ?

    - A report will be generated; save it to the desktop

    - Restart in normal mode

    - Post the SmitfraudFix report and a new HijackThis report.
  4. armmani - Posts: 29 - Status: Member

    ..ok, I can set a wallpaper now and my PC is much less slow...
    I did not manage to post the option 2 report......

    what should I do??
    is the problem solved?
  6. Destrio5 - Posts: 99820 - Status: Moderator

    - Download and install Malwarebytes' Anti-Malware:
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

    - Update it

    - Restart in safe mode (recommended):
    https://www.malekal.com/demarrer-windows-mode-sans-echec/

    - Choose your usual session

    - Run a full scan with Malwarebytes' Anti-Malware

    - Delete everything the program finds and save the report

    - Restart in normal mode and post the report here

    Tutorial:
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
  7. armmani - Posts: 29 - Status: Member

    here is the report:

    Malwarebytes' Anti-Malware 1.20
    Version de la base de données: 932
    Windows 5.1.2600 Service Pack 2

    14:35:16 2008-07-09
    mbam-log-7-9-2008 (14-35-16).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 114911
    Temps écoulé: 1 hour(s), 46 minute(s), 0 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 10
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 6

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\tuvWnonm.dll (Trojan.Vundo) -> Unloaded module successfully.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{33da9e3c-935e-4ec2-977d-afe3a3b5e727} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33da9e3c-935e-4ec2-977d-afe3a3b5e727} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvwnonm (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\sqvgnrpx.bbpq (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\sqvgnrpx.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{33da9e3c-935e-4ec2-977d-afe3a3b5e727} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\fdxbameg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\fsrpknov (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP68\A0020969.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP68\A0021042.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP68\A0021058.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\ebaq.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\tuvWnonm.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\gpefaowr.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  8. Destrio5 - Posts: 99820 - Status: Moderator

    ---> Restart MAM, go to Quarantine and delete everything

    - Download HijackThis V 2.02 (HijackThis Installer):
    http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

    - Double-click HJTInstall.exe to start the installation

    - Click Install, then I Accept

    - Click Do a scan system and save log file

    - Notepad will open; copy and paste its entire contents here in your next reply.
  9. armmani - Posts: 29 - Status: Member
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:15:33, on 2008-07-09
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
    C:\Program Files\Securitoo\av_fw\fswsclds.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\CASIO\Photo Loader\Plauto.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wuauclt.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {33DA9E3C-935E-4EC2-977D-AFE3A3B5E727} - C:\WINDOWS\system32\tuvWnonm.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: (no name) - {C90BCD88-8C6A-4733-8523-A607F1C1373E} - C:\WINDOWS\system32\tuvUlJCt.dll (file missing)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: sqvgnrpx - {1BFB720F-B45D-43FF-8AE1-54C86718DE99} - C:\WINDOWS\sqvgnrpx.dll (file missing)
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Supervision de Photo Loader.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
    O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://jeux.wanadoo.fr/online2/zuma/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
    O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/diner_dash/DinerDash.1.0.0.58.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
    O20 - Winlogon Notify: tuvWnonm - C:\WINDOWS\SYSTEM32\tuvWnonm.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe
    O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
  10. armmani - Posts: 29 - Status: Member

    what should I do now?
  11. Destrio5 - Posts: 99820 - Status: Moderator

    You're infected with Vundo.

    ---> Download ComboFix.exe by sUBs to your desktop:
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Disconnect from the internet and close all applications, including antivirus and antispyware /!\

    ---> Double-click Combofix.exe
    A pop-up will appear saying that "ComboFix est utilisé à vos risques et avec aucune garantie...".
    Accept by clicking "Oui"

    ---> Set it to French: F
    Press the 1 key (Yes) to start the scan.

    /!\ Do not touch anything until the scan has finished. /!\

    At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

    Once the scan is complete, a report will be displayed: post its contents

    /!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the internet. /!\

    Note: the report can also be found here: C:\ComboFix.txt
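Added example (not part of the thread, and not code from Malwarebytes or HijackThis): a Python check that takes the items the Malwarebytes log above marked "Delete on reboot" and reports which entries of the later HijackThis log still reference them, as the O2 and O20 lines for tuvWnonm.dll do here. The function names are this example's own, and the two excerpts are cut down from the logs posted in this thread.

```python
import re
from ntpath import basename  # Windows path rules, usable on any OS

# "<item> (<Detection.Name>) -> <action>." as printed in the Malwarebytes log
MBAM_LINE = re.compile(r"^(?P<item>.+?) \((?P<name>[\w.]+)\) -> (?P<action>.+?)\.?$")
CLSID = re.compile(r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}")
# "O2 - BHO: ...", "O20 - Winlogon Notify: ...", "R1 - ..."
HJT_LINE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<rest>.+)$")

# Excerpt of the Malwarebytes log posted in the thread
MBAM_EXCERPT = r"""
C:\WINDOWS\system32\tuvWnonm.dll (Trojan.Vundo) -> Unloaded module successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{33da9e3c-935e-4ec2-977d-afe3a3b5e727} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvwnonm (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\ebaq.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvWnonm.dll (Trojan.Vundo) -> Delete on reboot.
"""

# Excerpt of the HijackThis log posted afterwards
HJT_EXCERPT = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {33DA9E3C-935E-4EC2-977D-AFE3A3B5E727} - C:\WINDOWS\system32\tuvWnonm.dll
O2 - BHO: (no name) - {C90BCD88-8C6A-4733-8523-A607F1C1373E} - C:\WINDOWS\system32\tuvUlJCt.dll (file missing)
O3 - Toolbar: sqvgnrpx - {1BFB720F-B45D-43FF-8AE1-54C86718DE99} - C:\WINDOWS\sqvgnrpx.dll (file missing)
O20 - Winlogon Notify: tuvWnonm - C:\WINDOWS\SYSTEM32\tuvWnonm.dll
"""


def pending_indicators(mbam_log):
    """Map each CLSID / file name queued for 'Delete on reboot' to its detection name."""
    found = {}
    for raw in mbam_log.splitlines():
        m = MBAM_LINE.match(raw.strip())
        if not m or m["action"].lower() != "delete on reboot":
            continue
        item = m["item"]
        for clsid in CLSID.findall(item):
            found[clsid.lower()] = m["name"]
        if re.match(r"^[A-Za-z]:\\", item):  # file path rather than registry key
            found[basename(item).lower()] = m["name"]
    return found


def leftovers(mbam_log, hjt_log):
    """Return HijackThis entries that still reference a pending-deletion item.

    Each hit is (section, matched indicators, detection name, entry text).
    """
    indicators = pending_indicators(mbam_log)
    hits = []
    for raw in hjt_log.splitlines():
        m = HJT_LINE.match(raw.strip())
        if not m:
            continue
        lowered = m["rest"].lower()
        matched = sorted(i for i in indicators if i in lowered)
        if matched:
            hits.append((m["section"], matched, indicators[matched[0]], m["rest"]))
    return hits


if __name__ == "__main__":
    for section, matched, detection, entry in leftovers(MBAM_EXCERPT, HJT_EXCERPT):
        print(f"{section}: still present ({detection}; matched {', '.join(matched)})")
        print(f"    {entry}")
```
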
  12. armmani - Posts: 29 - Status: Member

    And here is the report:

    ComboFix 08-07-08.9 - ludo 2008-07-09 19:19:07.3 - NTFSx86
    Endroit: C:\Documents and Settings\ludo\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\arial.mvec
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\komikaaxis.mvec
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt2top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt4top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_off.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on1.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on2.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdown.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdownon.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowleft.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowlefton.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowright.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowrighton.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowupon.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\p1icon.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\textedit.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\title.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_a.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_b.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_c.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_a.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_b.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_c.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_d.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_a.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_b.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_c.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_d.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fifth_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\first_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fourth_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\second_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\playfirst_logo.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\background.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames\upgrade_0001.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\upgrades.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\tableshadow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\choosedifficulty.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooseplayer.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooserestaurant.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\credits.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\game.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\gothighscore.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help2.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscore.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoreinfo.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoresubmit.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelintro.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelover.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\loading.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainloop.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainmenu.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\ok.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\pause.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\style.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\tutorialintro.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upgrade.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upsell.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\webcomic.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\yesno.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\gamelabsplash.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\playfirst_logo.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\strings.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\check.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\checkmark.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\clock.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closed.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closingtime.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\dollar.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\coffee.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\tables.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\wallpaper.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expert.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expertscore.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\fork_timer.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\goalcompleted.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level_career.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\score.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\sound.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staroff.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staron.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumber.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumberup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\traynumber.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorial_character.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialarrow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialbox.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\drinks.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\maitred.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\oven.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\select.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\shoes.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\stereo.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\table.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\dinerdash.exe
    C:\WINDOWS\Downloaded Program Files\USDR6V_0002_D17M2407NetInstaller.exe
    C:\WINDOWS\system32\drivers\fad.sys
    C:\WINDOWS\system32\oeminfo.ini
    C:\WINDOWS\system32\tCJlUvut.ini
    C:\WINDOWS\system32\tCJlUvut.ini2
    C:\WINDOWS\system32\tuvWnonm.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_npf

    ((((((((((((((((((((((((((((( Fichiers créés 2008-06-09 to 2008-07-09 ))))))))))))))))))))))))))))))))))))
    .

    2008-07-08 22:51 . 2008-07-08 22:51 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-07-08 22:50 . 2004-08-20 11:42 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-07-08 22:50 . 2005-04-19 04:15 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
    2008-07-08 22:50 . 2005-04-19 04:16 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-07-08 22:50 . 2005-04-19 04:16 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\You've Got Pictures Screensaver
    2008-07-08 22:50 . 2005-04-19 04:19 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Jasc Software Inc
    2008-07-08 22:50 . 2008-07-08 22:50 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-07-08 22:44 . 2008-07-08 22:44 <REP> d-------- C:\Documents and Settings\ludo\Application Data\Malwarebytes
    2008-07-08 22:43 . 2008-07-08 22:45 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-08 22:43 . 2008-07-08 22:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-08 22:43 . 2008-07-07 17:35 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-07-08 22:43 . 2008-07-07 17:35 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-07-08 21:03 . 2008-07-08 22:02 2,036 --a------ C:\WINDOWS\system32\tmp.reg
    2008-07-08 20:43 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-07-08 20:43 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-07-08 20:43 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-07-08 20:43 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-07-08 20:43 . 2008-07-02 13:33 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
    2008-07-08 20:43 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
    2008-07-08 20:43 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-07-08 20:43 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-07-08 20:43 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-07-06 20:18 . 2008-07-06 20:18 <REP> d-------- C:\Documents and Settings\ludo\Application Data\vlc
    2008-07-06 19:12 . 2008-07-07 20:43 <REP> d-------- C:\Program Files\VideoLAN
    2008-07-01 19:42 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll
    2008-07-01 19:41 . 2008-07-01 19:41 <REP> d-------- C:\WINDOWS\Logs
    2008-07-01 19:40 . 2008-07-01 19:40 <REP> d--h-c--- C:\Documents and Settings\All Users\Application Data\{D69E3569-8909-42B8-ACE5-A7351D3562E2}
    2008-07-01 19:25 . 2008-07-01 19:25 <REP> d-------- C:\Program Files\Utherverse Digital Inc
    2008-06-24 17:40 . 2008-06-24 17:40 <REP> d-------- C:\Documents and Settings\ludo\Application Data\Flood Light Games
    2008-06-24 17:40 . 2008-06-24 17:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Flood Light Games
    2008-06-24 17:38 . 2008-06-24 17:38 <REP> d-------- C:\Program Files\GamesBar
    2008-06-24 17:38 . 2008-06-24 17:38 <REP> d-------- C:\Program Files\Fichiers communs\Oberon Media

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-07-09 16:50 88,576 ----a-w C:\WINDOWS\Internet Logs\xDB57.tmp
    2008-07-07 22:00 983,552 ----a-w C:\WINDOWS\Internet Logs\xDB55.tmp
    2008-07-07 22:00 2,238,464 ----a-w C:\WINDOWS\Internet Logs\xDB56.tmp
    2008-06-30 17:35 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-26 19:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-26 19:43 --------- d-----w C:\Documents and Settings\ludo\Application Data\Calendrier Xtra
    2008-06-18 13:37 --------- d-----w C:\Program Files\Yahoo!
    2008-06-14 22:43 729,088 ----a-w C:\WINDOWS\Internet Logs\xDB54.tmp
    2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-02 21:42 100,864 ----a-w C:\WINDOWS\Internet Logs\xDB53.tmp
    2008-06-01 21:35 169,472 ----a-w C:\WINDOWS\Internet Logs\xDB52.tmp
    2008-05-30 12:19 507,400 ----a-w C:\WINDOWS\system32\XAudio2_1.dll
    2008-05-30 12:18 238,088 ----a-w C:\WINDOWS\system32\xactengine3_1.dll
    2008-05-30 12:17 65,032 ----a-w C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-05-30 12:17 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-05-30 12:11 467,984 ----a-w C:\WINDOWS\system32\d3dx10_38.dll
    2008-05-30 12:11 3,850,760 ----a-w C:\WINDOWS\system32\D3DX9_38.dll
    2008-05-30 12:11 1,491,992 ----a-w C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-05-29 21:58 304,128 ----a-w C:\WINDOWS\Internet Logs\xDB51.tmp
    2008-05-25 10:17 80,384 ----a-w C:\WINDOWS\Internet Logs\xDB50.tmp
    2008-05-23 21:35 47,104 ----a-w C:\WINDOWS\Internet Logs\xDB4F.tmp
    2008-05-22 21:47 49,152 ----a-w C:\WINDOWS\Internet Logs\xDB4E.tmp
    2008-05-22 09:28 45,056 ----a-w C:\WINDOWS\Internet Logs\xDB4D.tmp
    2008-05-21 23:29 173,056 ----a-w C:\WINDOWS\Internet Logs\xDB4C.tmp
    2008-05-19 21:26 51,712 ----a-w C:\WINDOWS\Internet Logs\xDB4B.tmp
    2008-05-19 09:32 45,056 ----a-w C:\WINDOWS\Internet Logs\xDB4A.tmp
    2008-05-18 21:55 266,752 ----a-w C:\WINDOWS\Internet Logs\xDB49.tmp
    2008-05-15 11:55 328,704 ----a-w C:\WINDOWS\Internet Logs\xDB48.tmp
    2008-05-12 20:57 210,432 ----a-w C:\WINDOWS\Internet Logs\xDB47.tmp
    2008-05-08 21:47 114,688 ----a-w C:\WINDOWS\Internet Logs\xDB46.tmp
    2008-05-07 10:34 26,624 ----a-w C:\WINDOWS\Internet Logs\xDB45.tmp
    2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-07 00:14 332,288 ----a-w C:\WINDOWS\Internet Logs\xDB44.tmp
    2008-05-02 23:02 142,848 ----a-w C:\WINDOWS\Internet Logs\xDB43.tmp
    2008-04-30 23:09 351,744 ----a-w C:\WINDOWS\Internet Logs\xDB42.tmp
    2008-04-28 17:06 141,312 ----a-w C:\WINDOWS\Internet Logs\xDB41.tmp
    2008-04-26 22:12 311,296 ----a-w C:\WINDOWS\Internet Logs\xDB40.tmp
    2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-04-22 15:59 67,584 ----a-w C:\WINDOWS\Internet Logs\xDB3F.tmp
    2008-04-21 09:21 37,376 ----a-w C:\WINDOWS\Internet Logs\xDB3E.tmp
    2008-04-20 21:24 337,408 ----a-w C:\WINDOWS\Internet Logs\xDB3D.tmp
    2008-04-15 22:28 89,088 ----a-w C:\WINDOWS\Internet Logs\xDB3C.tmp
    2008-04-14 21:09 283,136 ----a-w C:\WINDOWS\Internet Logs\xDB3B.tmp
    2008-04-13 19:46 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2008-04-11 20:36 49,664 ----a-w C:\WINDOWS\Internet Logs\xDB3A.tmp
    2008-04-10 21:44 238,592 ----a-w C:\WINDOWS\Internet Logs\xDB39.tmp
    2006-06-20 17:43 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2006-05-26 23:47 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
    2005-04-27 17:17 442,173 --sh--w C:\WINDOWS\msagent\crba.bak1
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C90BCD88-8C6A-4733-8523-A607F1C1373E}]
    C:\WINDOWS\system32\tuvUlJCt.dll [BU]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{1BFB720F-B45D-43FF-8AE1-54C86718DE99}"= "C:\WINDOWS\sqvgnrpx.dll" [BU]

    [HKEY_CLASSES_ROOT\clsid\{1bfb720f-b45d-43ff-8ae1-54c86718de99}]
    [HKEY_CLASSES_ROOT\sqvgnrpx.1]
    [HKEY_CLASSES_ROOT\TypeLib\{4FD5D703-3426-4B22-BA98-D092B8D06136}]
    [HKEY_CLASSES_ROOT\sqvgnrpx]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02 919280]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 08:59 155648]
    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 08:59 126976]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 13:00 110592 C:\WINDOWS\system32\bthprops.cpl]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Supervision de Photo Loader.lnk - C:\Program Files\CASIO\Photo Loader\Plauto.exe [2007-12-25 23:59:08 217088]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codec"= l3codecp.acm
    "VIDC.YV12"= yv12vfw.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Supervision de Photo Loader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Supervision de Photo Loader.lnk
    backup=C:\WINDOWS\pss\Supervision de Photo Loader.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TrayMin.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\TrayMin.lnk
    backup=C:\WINDOWS\pss\TrayMin.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
    --a------ 2004-06-09 16:37 40960 C:\WINDOWS\VM_STI.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
    C:\Program Files\CCleaner\ccleaner.exe [BU]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    --------- 2004-10-12 16:54 57344 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
    --a------ 2003-09-03 21:12 221184 C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2007-08-15 20:15 271672 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OSCD_Creator]
    --a------ 2004-10-31 12:21 408576 c:\dell\PREODM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    -ra------ 2005-10-26 17:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    --a------ 2004-10-14 20:42 1404928 C:\Program Files\Analog Devices\Core\smax4pnp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2003-11-19 18:48 32881 C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    --------- 2006-11-03 10:59 204288 C:\Program Files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    R2 Fswsclds;F-Secure Windows Security Center Legacy Detection Service;C:\Program Files\Securitoo\av_fw\fswsclds.exe [2006-06-29 20:23]
    R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 11:12]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\WINDOWS\system32\DRIVERS\ManyCam.sys []
    S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 10:42]
    S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 10:42]
    S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 10:42]
    S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 10:42]
    S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 10:42]
    S4 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2005-04-23 22:45:12 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2008-07-09 17:15:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-09 19:26:42
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-07-09 19:35:45
    ComboFix-quarantined-files.txt 2008-07-09 17:35:26

    Pre-Run: 59,551,649,792 octets libres
    Post-Run: 59,533,791,232 octets libres

    506 --- E O F --- 2008-06-20 21:00:40
    0
  13. Destrio5 (Moderator, 99820 posts)
     
    ---> Download the CFScript file and save it to your desktop:
    http://www.zshare.net/

    ---> Drag and drop this CFScript file onto the ComboFix.exe file, as shown in the screenshot:
    http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

    [*] A blue window will appear: at the prompt that is displayed (Type 1 to continue, or 2 to abort), type 1 and then confirm.

    [*] Wait while the scan runs. The desktop will disappear several times: this is normal!
    Do not touch anything until the scan has finished.

    [*] Once the scan is complete, a report will be displayed: post it

    [*] If the file does not open, it is located here: C:\ComboFix.txt
    0
  14. armmani (Member, 29 posts)
     
    here is the report:

    ComboFix 08-07-09.5 - ludo 2008-07-10 12:32:17.3 - NTFSx86
    Endroit: C:\Documents and Settings\ludo\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\ludo\Bureau\cfscript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\GamesBar
    C:\Program Files\GamesBar\Localization-French.ini
    .
    ---- Previous Run -------
    .
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\ahbdvlvx.dll
    C:\WINDOWS\system32\khfGaxyY.dll
    C:\WINDOWS\system32\oeminfo.ini
    C:\WINDOWS\system32\xvlvdbha.ini
    C:\WINDOWS\system32\YyxaGfhk.ini
    C:\WINDOWS\system32\YyxaGfhk.ini2

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-06-10 to 2008-07-10 ))))))))))))))))))))))))))))))))))))
    .

    2008-07-09 23:25 . 2008-07-09 23:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adsl Software Ltd
    2008-07-09 22:53 . 2008-07-09 22:53 112,256 --a------ C:\WINDOWS\system32\xdtshc.dll
    2008-07-09 22:53 . 2008-07-09 22:53 112,256 --a------ C:\WINDOWS\system32\wlqugqek.dll
    2008-07-09 22:33 . 2008-07-09 22:33 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-07-09 22:33 . 2008-07-09 22:33 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-07-09 21:41 . 2008-07-09 22:40 <REP> d-------- C:\RECYCLER(2)
    2008-07-08 22:51 . 2008-07-08 22:51 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-07-08 22:50 . 2004-08-20 11:42 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
    2008-07-08 22:50 . 2004-08-20 11:30 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-07-08 22:50 . 2005-04-19 04:15 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
    2008-07-08 22:50 . 2005-04-19 04:16 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-07-08 22:50 . 2005-04-19 04:16 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\You've Got Pictures Screensaver
    2008-07-08 22:50 . 2005-04-19 04:19 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Jasc Software Inc
    2008-07-08 22:50 . 2008-07-09 22:42 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-07-08 22:44 . 2008-07-08 22:44 <REP> d-------- C:\Documents and Settings\ludo\Application Data\Malwarebytes
    2008-07-08 22:43 . 2008-07-08 22:45 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-08 22:43 . 2008-07-08 22:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-08 22:43 . 2008-07-07 17:35 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-07-08 22:43 . 2008-07-07 17:35 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-07-08 21:03 . 2008-07-08 22:02 2,036 --a------ C:\WINDOWS\system32\tmp.reg
    2008-07-08 20:43 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-07-08 20:43 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-07-08 20:43 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-07-08 20:43 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-07-08 20:43 . 2008-07-02 13:33 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
    2008-07-08 20:43 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
    2008-07-08 20:43 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-07-08 20:43 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-07-08 20:43 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-07-08 17:53 . 2008-07-08 19:35 933 --ahs---- C:\WINDOWS\system32\tCJlUvut.ini
    2008-07-07 23:11 . 2008-07-07 23:11 28,288 --a------ C:\WINDOWS\system32\tuvWnonm.dll
    2008-07-06 20:18 . 2008-07-06 20:18 <REP> d-------- C:\Documents and Settings\ludo\Application Data\vlc
    2008-07-06 19:12 . 2008-07-07 20:43 <REP> d-------- C:\Program Files\VideoLAN
    2008-07-01 19:42 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll
    2008-07-01 19:41 . 2008-07-01 19:41 <REP> d-------- C:\WINDOWS\Logs
    2008-07-01 19:40 . 2008-07-01 19:40 <REP> d--h-c--- C:\Documents and Settings\All Users\Application Data\{D69E3569-8909-42B8-ACE5-A7351D3562E2}
    2008-07-01 19:25 . 2008-07-01 19:25 <REP> d-------- C:\Program Files\Utherverse Digital Inc
    2008-06-24 17:40 . 2008-06-24 17:40 <REP> d-------- C:\Documents and Settings\ludo\Application Data\Flood Light Games
    2008-06-24 17:40 . 2008-06-24 17:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Flood Light Games
    2008-06-24 17:38 . 2008-06-24 17:38 <REP> d-------- C:\Program Files\Fichiers communs\Oberon Media

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-07-10 09:52 171,008 ----a-w C:\WINDOWS\Internet Logs\xDB59.tmp
    2008-07-09 16:50 88,576 ----a-w C:\WINDOWS\Internet Logs\xDB57.tmp
    2008-07-09 16:37 2,260,480 ----a-w C:\WINDOWS\Internet Logs\xDB58.tmp
    2008-07-07 22:00 983,552 ----a-w C:\WINDOWS\Internet Logs\xDB55.tmp
    2008-07-07 22:00 2,238,464 ----a-w C:\WINDOWS\Internet Logs\xDB56.tmp
    2008-06-30 17:35 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-26 19:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-26 19:43 --------- d-----w C:\Documents and Settings\ludo\Application Data\Calendrier Xtra
    2008-06-18 13:37 --------- d-----w C:\Program Files\Yahoo!
    2008-06-14 22:43 729,088 ----a-w C:\WINDOWS\Internet Logs\xDB54.tmp
    2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-02 21:42 100,864 ----a-w C:\WINDOWS\Internet Logs\xDB53.tmp
    2008-06-01 21:35 169,472 ----a-w C:\WINDOWS\Internet Logs\xDB52.tmp
    2008-05-30 12:19 507,400 ----a-w C:\WINDOWS\system32\XAudio2_1.dll
    2008-05-30 12:18 238,088 ----a-w C:\WINDOWS\system32\xactengine3_1.dll
    2008-05-30 12:17 65,032 ----a-w C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-05-30 12:17 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-05-30 12:11 467,984 ----a-w C:\WINDOWS\system32\d3dx10_38.dll
    2008-05-30 12:11 3,850,760 ----a-w C:\WINDOWS\system32\D3DX9_38.dll
    2008-05-30 12:11 1,491,992 ----a-w C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-05-29 21:58 304,128 ----a-w C:\WINDOWS\Internet Logs\xDB51.tmp
    2008-05-25 10:17 80,384 ----a-w C:\WINDOWS\Internet Logs\xDB50.tmp
    2008-05-23 21:35 47,104 ----a-w C:\WINDOWS\Internet Logs\xDB4F.tmp
    2008-05-22 21:47 49,152 ----a-w C:\WINDOWS\Internet Logs\xDB4E.tmp
    2008-05-22 09:28 45,056 ----a-w C:\WINDOWS\Internet Logs\xDB4D.tmp
    2008-05-21 23:29 173,056 ----a-w C:\WINDOWS\Internet Logs\xDB4C.tmp
    2008-05-19 21:26 51,712 ----a-w C:\WINDOWS\Internet Logs\xDB4B.tmp
    2008-05-19 09:32 45,056 ----a-w C:\WINDOWS\Internet Logs\xDB4A.tmp
    2008-05-18 21:55 266,752 ----a-w C:\WINDOWS\Internet Logs\xDB49.tmp
    2008-05-15 11:55 328,704 ----a-w C:\WINDOWS\Internet Logs\xDB48.tmp
    2008-05-12 20:57 210,432 ----a-w C:\WINDOWS\Internet Logs\xDB47.tmp
    2008-05-08 21:47 114,688 ----a-w C:\WINDOWS\Internet Logs\xDB46.tmp
    2008-05-08 12:28 202,752 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
    2008-05-07 10:34 26,624 ----a-w C:\WINDOWS\Internet Logs\xDB45.tmp
    2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
    2008-05-07 00:14 332,288 ----a-w C:\WINDOWS\Internet Logs\xDB44.tmp
    2008-05-02 23:02 142,848 ----a-w C:\WINDOWS\Internet Logs\xDB43.tmp
    2008-04-30 23:09 351,744 ----a-w C:\WINDOWS\Internet Logs\xDB42.tmp
    2008-04-28 17:06 141,312 ----a-w C:\WINDOWS\Internet Logs\xDB41.tmp
    2008-04-26 22:12 311,296 ----a-w C:\WINDOWS\Internet Logs\xDB40.tmp
    2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2008-04-22 15:59 67,584 ----a-w C:\WINDOWS\Internet Logs\xDB3F.tmp
    2008-04-22 07:41 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-04-21 09:21 37,376 ----a-w C:\WINDOWS\Internet Logs\xDB3E.tmp
    2008-04-20 21:24 337,408 ----a-w C:\WINDOWS\Internet Logs\xDB3D.tmp
    2008-04-20 05:07 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    2008-04-15 22:28 89,088 ----a-w C:\WINDOWS\Internet Logs\xDB3C.tmp
    2008-04-14 21:09 283,136 ----a-w C:\WINDOWS\Internet Logs\xDB3B.tmp
    2008-04-13 19:46 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2008-04-11 20:36 49,664 ----a-w C:\WINDOWS\Internet Logs\xDB3A.tmp
    2008-04-10 21:44 238,592 ----a-w C:\WINDOWS\Internet Logs\xDB39.tmp
    2006-06-20 17:43 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2006-05-26 23:47 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
    2005-04-27 17:17 442,173 --sh--w C:\WINDOWS\msagent\crba.bak1
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{33DA9E3C-935E-4EC2-977D-AFE3A3B5E727}]
    2008-07-07 23:11 28288 --a------ C:\WINDOWS\system32\tuvWnonm.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6cd181a9-3f86-4898-ab2f-5e7b15741488}]
    2008-07-09 22:53 112256 --a------ C:\WINDOWS\system32\xdtshc.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]
    "WinSpywareProtect"="C:\Documents and Settings\All Users\Application Data\Adsl Software Ltd\WinSpywareProtect\Winspywareprotect.exe" [2008-07-09 23:26 1241600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02 919280]
    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 08:59 155648]
    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 08:59 126976]
    "d4e3bbf4"="C:\WINDOWS\system32\ahbdvlvx.dll" [BU]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 13:00 110592 C:\WINDOWS\system32\bthprops.cpl]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Supervision de Photo Loader.lnk - C:\Program Files\CASIO\Photo Loader\Plauto.exe [2007-12-25 23:59:08 217088]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{33DA9E3C-935E-4EC2-977D-AFE3A3B5E727}"= "C:\WINDOWS\system32\tuvWnonm.dll" [2008-07-07 23:11 28288]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvWnonm]
    2008-07-07 23:11 28288 C:\WINDOWS\system32\tuvWnonm.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codec"= l3codecp.acm
    "VIDC.YV12"= yv12vfw.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Supervision de Photo Loader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Supervision de Photo Loader.lnk
    backup=C:\WINDOWS\pss\Supervision de Photo Loader.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TrayMin.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\TrayMin.lnk
    backup=C:\WINDOWS\pss\TrayMin.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
    --a------ 2004-06-09 16:37 40960 C:\WINDOWS\VM_STI.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
    C:\Program Files\CCleaner\ccleaner.exe [BU]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    --------- 2004-10-12 16:54 57344 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
    --a------ 2003-09-03 21:12 221184 C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2007-08-15 20:15 271672 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OSCD_Creator]
    --a------ 2004-10-31 12:21 408576 c:\dell\PREODM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    -ra------ 2005-10-26 17:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    --a------ 2004-10-14 20:42 1404928 C:\Program Files\Analog Devices\Core\smax4pnp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    --------- 2006-11-03 10:59 204288 C:\Program Files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2005-04-23 22:45:12 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2008-07-10 10:15:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-10 12:42:05
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\tuvWnonm.dll
    .
    Temps d'accomplissement: 2008-07-10 12:55:54
    ComboFix-quarantined-files.txt 2008-07-10 10:54:40
    ComboFix2.txt 2008-07-09 17:35:49

    Pre-Run: 59,097,776,128 octets libres
    Post-Run: 59,093,504,000 octets libres

    226 --- E O F --- 2008-06-20 21:00:40
    0
  15. Destrio5 (Moderator, 99820 posts)
     
    Run Malwarebytes' Anti-Malware again.
    0
  16. armmani (Member, 29 posts)
     
    that's done.... now I have ads popping up nonstop....
    0
  17. Destrio5 (Moderator, 99820 posts)
     
    Did you redo the scan with MAM?
    0