Redirection indésirable

jh.explorer Messages postés 23 Statut Membre -  
jh.explorer Messages postés 23 Statut Membre -
Bonjour,

gros souci de redirection avec IE. Pendant l'utilisation de ggogle ou autre moteur de recherche quand je clique un des liens de ma recherche, et bien, je tombe sur des site pas tres tres souhaité !!!

Merci pour votre aide !!
Configuration: Windows XP
Internet Explorer 7.0

6 réponses

  1. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Salut,

    - Télécharge HijackThis V 2.02 (HijackThis Installer) :
    http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

    - Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

    - Clique sur Install ensuite sur I Accept

    - Clique sur Do a scan system and save log file

    - Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
    0
  2. jh.explorer Messages postés 23 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:01:29, on 07/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\IoctlSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - C:\WINDOWS\wxmlua.dll
    O2 - BHO: {d101971b-95b3-4fca-bb14-947d4ef0b153} - {351b0fe4-d749-41bb-acf4-3b59b179101d} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7AE18E39-FBCA-4A77-9CAC-FBE5AC809027} - (no file)
    O2 - BHO: (no name) - {8444F263-2A79-4FB1-AC07-41B0A2FC7A95} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /M "Stylus DX4800" /EF "HKCU"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} (dlControl.UserControl1) - http://www.livemetallica.com/nugster/dlControl.CAB
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/online2/zuma/oberongamesloader.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6C623B2B-2931-4063-89F1-79A5DAD5C85E}: NameServer = 80.10.246.1,81.253.149.2
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
  3. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    - Télécharge et installe MalwareByte's Anti-Malware :
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

    - Mets-le à jour

    - Redémarre en mode sans échec (Recommandé) :
    https://www.malekal.com/demarrer-windows-mode-sans-echec/

    - Choisis ta session habituelle

    - Fais un scan complet avec MalwareByte's Anti-Malware

    - Supprime tout ce que le logiciel trouve, enregistre le rapport

    - Redémarre en mode normal et poste le rapport ici

    Tutorial :
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    0
  4. jh.explorer Messages postés 23 Statut Membre
     
    Malwarebytes' Anti-Malware 1.24
    Version de la base de données: 1031
    Windows 5.1.2600 Service Pack 2

    06:57:15 08/08/2008
    mbam-log-8-8-2008 (06-57-15).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 135399
    Temps écoulé: 2 hour(s), 46 minute(s), 40 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 16
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 3
    Fichier(s) infecté(s): 10

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\chilkatmail2.chilkatemail2 (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\chilkatmail2.chilkatemail2.1 (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\chilkatmail2.chilkatemailbundle2 (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\chilkatmail2.chilkatemailbundle2.1 (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\chilkatmail2.chilkatmailman2 (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\chilkatmail2.chilkatmailman2.1 (Rogue.AntiSpamBoy) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9869efb4-18e9-11d3-a837-00104b9e30b5} (Trojan.Agent) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Products\rdomain (Rogue.PCVirusless) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Products\prodname (Rogue.PCVirusless) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Products\compname (Rogue.PCVirusless) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\Propriétaire\Local Settings\Temp\NI.UGA6PV_0001_N122M1202 (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SalesMon (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\Propriétaire\Local Settings\Temp\NI.UGA6PV_0001_N122M1202\settings.ini (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Temp\NI.UGA6PV_0001_N122M1202\setup.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Temp\NI.UGA6PV_0001_N122M1202\setup.len (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Program Files\KB25746.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\KB26917.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\KB50333.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BMaf024cd5.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Application Data\RBXML550.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Propriétaire\Local Settings\Temp\CmdLineExt03.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

    ---> Double-clique sur Combofix.exe
    Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
    Accepte en cliquant sur "Oui"

    ---> Mets-le en langue française F
    Tape sur la touche 1 (Yes) pour démarrer le scan.

    /!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt
    0
  7. jh.explorer Messages postés 23 Statut Membre
     
    voici le rapport combo

    ComboFix 08-08-08.08 - Propriétaire 2008-08-09 19:24:20.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.397 [GMT 2:00]
    Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration
    * Resident AV is active

    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\bapqlrgm.ini
    C:\WINDOWS\system32\bbueoqob.ini
    C:\WINDOWS\system32\ctwpifnf.ini
    C:\WINDOWS\system32\dqwtooqo.ini
    C:\WINDOWS\system32\evklacje.ini
    C:\WINDOWS\system32\gfcmlrsq.ini
    C:\WINDOWS\system32\gowdeyee.ini
    C:\WINDOWS\system32\imlghxef.ini
    C:\WINDOWS\system32\khgmdrbb.ini
    C:\WINDOWS\system32\klnmp.ini
    C:\WINDOWS\system32\klnmp.ini2
    C:\WINDOWS\system32\kqbtaolp.ini
    C:\WINDOWS\system32\ltmigwuk.ini
    C:\WINDOWS\system32\mkdwdtiu.ini
    C:\WINDOWS\system32\nejgpbsy.ini
    C:\WINDOWS\system32\nffnaxcs.ini
    C:\WINDOWS\system32\nomoxxgh.ini
    C:\WINDOWS\system32\pdycvujv.ini
    C:\WINDOWS\system32\pyobyrxd.ini
    C:\WINDOWS\system32\uqptdbfb.ini
    C:\WINDOWS\system32\wwrixsih.ini
    C:\WINDOWS\system32\xbtfmvbo.ini
    C:\WINDOWS\system32\xctnktka.ini
    C:\WINDOWS\system32\xcytjtbn.ini
    C:\WINDOWS\system32\ymcxmmjo.ini
    C:\WINDOWS\system32\ywvegspr.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-07-09 to 2008-08-09 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-09 16:34 . 2008-06-14 19:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-08-09 16:18 . 2008-08-09 16:18 <REP> d-------- C:\WINDOWS\system32\fr
    2008-08-09 16:18 . 2008-08-09 16:18 <REP> d-------- C:\WINDOWS\l2schemas
    2008-08-09 15:36 . 2008-04-14 04:33 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
    2008-08-09 15:36 . 2008-04-14 04:33 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
    2008-08-09 15:36 . 2008-04-14 04:33 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
    2008-08-09 15:36 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
    2008-08-09 15:34 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
    2008-08-09 15:33 . 2008-04-14 04:33 651,264 --------- C:\WINDOWS\system32\dot3ui.dll
    2008-08-09 15:32 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll
    2008-08-09 12:05 . 2008-08-09 12:05 131,584 --a------ C:\Program Files\KB40115.exe
    2008-08-09 12:05 . 2008-08-09 12:05 126,976 --a------ C:\WINDOWS\wxml73885.dll
    2008-08-08 19:47 . 2008-08-09 12:11 <REP> d-------- C:\Program Files\EvilLyrics
    2008-08-08 17:40 . 2008-08-08 17:41 <REP> d-------- C:\WINDOWS\ERUNT
    2008-08-07 20:13 . 2008-08-07 20:13 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-08-07 20:11 . 2004-01-01 12:22 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
    2008-08-07 20:11 . 2004-01-01 09:48 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-08-07 20:11 . 2004-01-01 09:48 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-08-07 20:11 . 2005-12-28 06:49 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-08-07 20:11 . 2005-12-28 06:48 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
    2008-08-07 20:11 . 2005-12-28 06:48 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-08-07 20:11 . 2005-12-28 06:48 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
    2008-08-07 20:11 . 2004-01-01 09:48 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-08-07 20:11 . 2004-01-01 12:14 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Sonic
    2008-08-07 20:11 . 2004-01-01 12:52 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\SampleView
    2008-08-07 20:11 . 2008-08-07 20:11 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-08-06 19:30 . 2008-08-09 16:43 <REP> d-------- C:\fixwareout
    2008-08-05 23:26 . 2008-08-07 20:07 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-05 23:26 . 2008-08-05 23:26 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-08-05 23:26 . 2008-08-05 23:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-08-05 23:26 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-08-05 23:26 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-08-04 20:32 . 2008-08-04 20:32 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\NeroDigital™
    2008-08-01 21:48 . 2008-08-01 21:48 131,072 --a------ C:\WINDOWS\wxmlua.dll
    2008-07-30 13:53 . 2008-07-30 13:53 131,072 --a------ C:\WINDOWS\winxml2c.dll
    2008-07-26 03:35 . 2008-07-26 03:35 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
    2008-07-25 14:32 . 2008-07-25 14:32 <REP> d-------- C:\Program Files\AxBx
    2008-07-25 06:43 . 2008-07-25 06:46 <REP> d-------- C:\Program Files\SpywareBlaster
    2008-07-24 16:20 . 2008-07-24 18:44 <REP> d-------- C:\Program Files\Anti Trojan Elite
    2008-07-23 18:25 . 2008-07-23 18:25 <REP> d-------- C:\Program Files\Nero
    2008-07-23 18:25 . 2008-07-23 18:28 <REP> d-------- C:\Program Files\Fichiers communs\Nero
    2008-07-23 18:25 . 2008-07-23 18:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nero
    2008-07-23 18:20 . 2008-07-23 18:20 131,072 --a------ C:\WINDOWS\xml2u32i.dll
    2008-07-20 18:55 . 2008-07-20 18:55 <REP> d-------- C:\Program Files\PowerISO

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-09 17:33 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-08-09 17:22 --------- d-----w C:\Program Files\Wanadoo
    2008-08-05 16:45 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Azureus
    2008-08-04 21:34 --------- d-----w C:\Program Files\eMule
    2008-08-03 21:17 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 2
    2008-07-30 17:35 --------- d-----w C:\Program Files\Windows Live Safety Center
    2008-07-30 13:51 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Screenshot Sender
    2008-07-26 01:35 --------- d-----w C:\Program Files\Fichiers communs\Real
    2008-07-25 20:11 --------- d-----w C:\Program Files\Acoustica Beatcraft
    2008-07-25 04:47 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-07-25 04:36 --------- d-----w C:\Program Files\Steinberg
    2008-07-25 04:34 --------- d-----w C:\Program Files\LimeWire
    2008-07-25 04:32 --------- d-----w C:\Program Files\HP
    2008-07-25 04:29 --------- d-----w C:\Program Files\AviSynth 2.5
    2008-07-24 09:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-07-23 16:41 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Nero
    2008-07-21 10:11 --------- d-----w C:\Program Files\Fichiers communs\Ahead
    2008-07-18 12:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
    2008-07-11 18:24 --------- d-----w C:\Program Files\Azureus
    2008-07-07 07:40 56,108 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys
    2008-06-24 14:06 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
    2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    2008-06-18 23:52 --------- d-----w C:\Program Files\Fichiers communs\BitDefender
    2008-06-17 09:41 --------- d-----w C:\Program Files\GIMP-2.0
    2008-06-17 09:39 --------- d-----w C:\Program Files\Winamp
    2008-06-16 21:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
    2008-06-16 08:12 --------- d-----w C:\Program Files\DivX
    2008-06-15 12:09 --------- d-----w C:\Program Files\Ripp-it_AM
    2008-06-15 04:11 568 ----a-w C:\reecmuxmkv.bat
    2008-06-15 00:09 --------- d-----w C:\Program Files\VirtualDub
    2008-06-14 22:59 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
    2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-12 12:33 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Steinberg
    2008-06-06 12:54 972,072 ----a-w C:\WINDOWS\UNRecode.exe
    2008-06-06 12:54 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll
    2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
    2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
    2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-05-25 13:48 88,576 ---ha-w C:\Documents and Settings\Propriétaire\Application Data\rbap550.dll
    2007-05-25 13:48 38,912 ---ha-w C:\Documents and Settings\Propriétaire\Application Data\RBShell550.dll
    2007-05-25 13:48 29,184 ---ha-w C:\Documents and Settings\Propriétaire\Application Data\RBInternetEncodings550.dll
    2005-12-27 23:10 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2006-12-01 21:32 8 --sh--r C:\WINDOWS\system32\C2C79C0203.sys
    2006-12-01 21:37 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E61EB7E6-0C75-32EE-AB12-51854441931D}]
    2008-08-09 12:05 126976 --a------ C:\WINDOWS\wxml73885.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-06-01 12:46 196608]
    "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-31 00:25 67128]
    "WOOKIT"="C:\Program Files\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
    "Acme.PCHButton"="C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe" [2004-01-01 12:42 159744]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-19 13:12 68856]
    "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-08-21 10:27 495616]
    "EPSON Stylus DX4800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE" [2005-02-02 06:00 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04 52736]
    "UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 09:01 110592]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2003-11-03 17:50 221184]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-15 12:42 4112384]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-07-15 12:42 81920]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-05-21 20:11 221184]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-06-01 12:09 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-06-01 12:03 217088]
    "EPSON Stylus DX4800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE" [2005-02-02 06:00 98304]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44 61440]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-02-20 14:06 741376]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-06-24 18:16 368640]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-19 21:16 286720]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2008-06-19 09:53 570664]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 09:31 2221352]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-07-26 03:33 185896]
    "nwiz"="nwiz.exe" [2004-07-15 12:42 843776 C:\WINDOWS\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 10:01 437160]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoBandCustomize"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.mpegacm"= mpegacm.acm
    "msacm.ulmp3acm"= ulmp3acm.acm
    "msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\vio\dvacm.acm
    "MIDI1"= WGDRVR32.DLL
    "WAVE1"= WGDRVR32.DLL
    "VIDC.X264"= x264vfw.dll
    "vidc.i420"= i420vfw.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2007-10-19 21:16 286720 C:\Program Files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    --a------ 2007-07-19 13:12 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\StubInstaller.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Neoact\\Carom3D\\update.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\WINDOWS\\system32\\mshta.exe"=
    "C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
    "C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "C:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
    "C:\\Program Files\\FlightGear\\bin\\win32\\fgfs.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "C:\\Program Files\\PromptPilote\\PromptPilote.exe"=
    "C:\\Documents and Settings\\Propriétaire\\Mes documents\\Jeux\\racer053b4\\racer053b4\\racer.exe"=
    "C:\\Documents and Settings\\Propriétaire\\Mes documents\\Jeux\\racer053b4\\racer053b4\\tracked.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\BitDownload\\BitDownload.exe"=
    "C:\\Program Files\\wamp\\Apache2\\bin\\httpd.exe"=
    "C:\\Documents and Settings\\Propriétaire\\Mes documents\\Jeux\\nexuiz-23\\Nexuiz\\nexuiz.exe"=
    "X:\\Program Files\\MC2\\Sniper Elite\\SniperElite.exe"=
    "C:\\Documents and Settings\\Propriétaire\\Local Settings\\Temp\\Nero Web\\SetupXu.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
    "C:\\WINDOWS\\system32\\java.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\WINDOWS\\system32\\fxsclnt.exe"=
    "C:\\Program Files\\Winsos\\winsos.exe"=
    "C:\\Program Files\\Podmailing\\podmailing.exe"=
    "C:\\Program Files\\TmNationsForever\\TmForever.exe"=
    "C:\WINDOWS\winlogon.exe"= C:\WINDOWS\winlogon.exe
    "C:\\Program Files\\eMule\\eMule.exe"=
    "C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "4662:TCP"= 4662:TCP:TCP 4662
    "4672:UDP"= 4672:UDP:UDP 4672
    "4661:TCP"= 4661:TCP:TCP 4661
    "4665:UDP"= 4665:UDP:UDP 4665

    R1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 20:27]
    S3 ATE_PROCMON;ATE_PROCMON;C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
    S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-06-21 14:30]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18]
    S3 gAGP440p;gAGP440p;C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\gAGP440p.sys []
    S3 MagixASIODrv;MAGIX_ASIO_BoostDriver;C:\MAGIX\ms2005_deLuxe\mxasio.sys [2002-04-16 13:10]
    S3 UsbSagCom;SAGEM Full USB Driver;C:\WINDOWS\system32\DRIVERS\UsbSagCom.sys [2005-04-07 11:24]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 20:45]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 20:45]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

    2008-08-09 C:\WINDOWS\Tasks\MP Scheduled Scan.job
    - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

    2008-08-08 C:\WINDOWS\Tasks\User_Feed_Synchronization-{43D4BF56-7D2D-46E5-B324-489926120209}.job
    - C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 12:58]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{351b0fe4-d749-41bb-acf4-3b59b179101d} - (no file)
    BHO-{7AE18E39-FBCA-4A77-9CAC-FBE5AC809027} - (no file)
    BHO-{8444F263-2A79-4FB1-AC07-41B0A2FC7A95} - (no file)
    HKLM-Run-Anti Trojan Elite - C:\Program Files\Anti Trojan Elite\TJEnder.exe
    HKLM-Run-VTTimer - VTTimer.exe
    MSConfigStartUp-NeroFilterCheck - C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    MSConfigStartUp-WinampAgent - C:\Program Files\Winamp\winampa.exe
    MSConfigStartUp-AlcxMonitor - ALCXMNTR.EXE

    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\nvla8in7.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.msn.fr/
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npdivx32.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npDivxPlayerPlugin.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npnul32.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\nppdf32.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\nppl3260.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npqtplugin.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npqtplugin2.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npqtplugin3.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npqtplugin4.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npqtplugin5.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npqtplugin6.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\npqtplugin7.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\nprjplug.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 2\plugins\nprpjplug.dll

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-09 19:33:51
    Windows 5.1.2600 Service Pack 3 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-08-09 19:43:33
    ComboFix-quarantined-files.txt 2008-08-09 17:42:21

    Pre-Run: 16,076,111,872 octets libres
    Post-Run: 16,038,002,688 octets libres

    315 --- E O F --- 2008-08-09 15:13:15
    0