Aide rapport Hijackthis malwaresbytes svp

Résolu
crooked1 Messages postés 10 Statut Membre -  
g!rly Messages postés 18462 Statut Contributeur -
Bonjour,

J'ai fais un scan avec malwaresbytes et spybot search & destroy et j'ai vu que j'étais infecté par smitfraud.
Je vous met les différents scan, pourriez vous m'aider à nettoyer cela.
D'avance merci,

Cordialement

Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1103
Windows 5.1.2600 Service Pack 3

09/09/2008 08:38:13
mbam-log-2008-09-09 (08-38-13).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 226978
Temps écoulé: 5 hour(s), 45 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 30
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 71

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54645654-2225-4455-44a1-9f4543d34545} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Somefox (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirGear 3.7 (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
C:\Program Files\akl (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\2_mslagent.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\mslagent.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\uninstall.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirGear 3.7\avrg.dat (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirGear 3.7\blacklist.txt (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirGear 3.7\ignored.lst (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\akl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\uninstall.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\akl\unsetup.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery\inetdl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Inet Delivery\intdel.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sav.cpl (Rogue.SystemAntivirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\base64.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\FVProtect.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\userconfig9x.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip1.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip2.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip3.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zipped.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bsva-egihsg52.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emesx.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup012.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\medup020.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnbho.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psof1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regc64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sncntr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssurf022.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcatchpi.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbsys2.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\90.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

SmitFraudFix v2.346

Rapport fait à 11:50:39,45, 09/09/2008
Executé à partir de C:\Documents and Settings\Propri‚taire\Mes documents\logiciels\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:15:24, on 09/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\WINDOWS\System32\Drivers\SAP\FD.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\WINDOWS\system32\hapwnyro.exe
C:\Program Files\PerSono\perstray.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Propriétaire\Mes documents\logiciels\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [FD_SAP] C:\WINDOWS\System32\Drivers\SAP\FD.exe
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo RX560 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPE.EXE /FU "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\E_S28.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [enadm] C:\WINDOWS\system32\hapwnyro.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Joindre la page Web au contact ACT! - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Joindre la page Web au contact ACT!... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5125/mcfscan.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
End of file - 13759 bytes

Merci de votre attention

Configuration: Windows XP
Opera 9.52
Configuration: Windows XP
Firefox 2.0.0.11

7 réponses

  1. g!rly Messages postés 18462 Statut Contributeur 407
     
    Salut,

    Télécharge combofix.exe (par sUBs) sur ton Bureau.

    -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    Avant d'utiliser ComboFix :

    -> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

    -> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

    Une fois fait, sur ton bureau double-clic sur Combofix.exe.

    - Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

    /!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

    - En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

    - Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

    -> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    -> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

    -> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

    @+
    0
  2. crooked1 Messages postés 10 Statut Membre
     
    Tout d'abord merci de répondre, ensuite voila mon rapport combofix :

    ComboFix 08-09-05.12 - Propriétaire 2008-09-09 17:36:52.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.506 [GMT 2:00]
    Endroit: C:\Documents and Settings\Propriétaire\Mes documents\logiciels\ComboFix.exe
    * Création d'un nouveau point de restauration
    * Resident AV is active

    [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-08-09 to 2008-09-09 ))))))))))))))))))))))))))))))))))))
    .

    2008-09-09 12:05 . 2008-09-09 12:05 <REP> d-------- C:\Program Files\Opera
    2008-09-09 11:43 . 2008-09-09 11:50 4,796 --a------ C:\WINDOWS\system32\tmp.reg
    2008-09-09 10:50 . 2008-09-09 10:50 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-09-09 10:50 . 2008-09-09 10:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-09 08:58 . 2008-09-09 08:59 <REP> d-------- C:\Program Files\Executive Software
    2008-09-08 13:07 . 2008-09-08 13:07 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-08 13:07 . 2008-09-08 13:07 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-09-08 13:07 . 2008-09-08 13:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-09-08 13:07 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-09-08 13:07 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-09-08 09:36 . 2008-09-08 09:36 <REP> d-------- C:\Program Files\CCleaner
    2008-09-08 01:18 . 2008-09-08 01:18 105,952 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
    2008-09-08 01:11 . 2008-09-08 01:11 <REP> d-------- C:\WINDOWS\system32\fr
    2008-09-08 01:11 . 2008-09-08 01:11 <REP> d-------- C:\WINDOWS\system32\bits
    2008-09-08 01:08 . 2008-09-08 01:08 <REP> d-------- C:\WINDOWS\EHome
    2008-09-07 21:33 . 2008-09-07 21:33 <REP> d-------- C:\WINDOWS\l2schemas
    2008-09-07 21:29 . 2008-09-07 21:34 <REP> d-------- C:\WINDOWS\ServicePackFiles
    2008-09-05 18:28 . 2008-09-05 18:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\abynghcv
    2008-09-05 18:28 . 2008-09-05 18:28 81,920 --a------ C:\WINDOWS\system32\hapwnyro.exe
    2008-09-03 12:01 . 2008-04-11 21:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-09 15:24 952 --sha-w C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
    2008-09-09 06:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-09-08 08:10 --------- d-----w C:\Program Files\Java
    2008-09-08 07:48 --------- d-----w C:\Program Files\Google
    2008-09-07 23:08 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\McAfee
    2008-09-07 23:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-07 20:21 --------- d-----w C:\Program Files\Windows Media Connect 2
    2008-09-07 15:04 --------- d-----w C:\Program Files\Readiris Pro 10
    2008-09-07 15:04 --------- d-----w C:\Program Files\PerSono
    2008-09-07 15:04 --------- d-----w C:\Program Files\Microsoft Works
    2008-09-07 15:03 --------- d-----w C:\Program Files\DivX
    2008-09-07 15:03 --------- d-----w C:\Program Files\Cardiris 3 LE
    2008-09-07 15:03 --------- d-----w C:\Program Files\Apoint2K
    2008-09-07 13:40 --------- d-----w C:\Program Files\Microsoft SQL Server
    2008-09-05 07:14 --------- d-----w C:\Program Files\McAfee
    2008-09-04 11:49 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\U3
    2008-08-05 15:36 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
    2008-08-04 14:45 8,286 ----a-w C:\Documents and Settings\Propriétaire\Application Data\wklnhst.dat
    2008-07-31 08:55 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Canon
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-24 12:37 2,874 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\SAS7_000.DAT
    2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-18 17:52 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-06-11 00:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-06-11 00:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-06-11 00:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2008-06-11 00:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2008-06-11 00:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2008-06-11 00:04 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-06-11 00:04 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-03-11 18:00 88 --sh--r C:\Documents and Settings\All Users\Application Data\78E01F653E.sys
    2007-12-26 13:17 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2007-08-27 15:22 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2007-08-09 10:23 88 --sh--r C:\WINDOWS\system32\78E01F653E.sys
    2008-03-11 17:00 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
    "enadm"="C:\WINDOWS\system32\hapwnyro.exe" [2008-09-05 81920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2005-02-08 159744]
    "Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-03-29 233534]
    "eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-05-04 794624]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
    "SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2007-02-09 36904]
    "FD_SAP"="C:\WINDOWS\System32\Drivers\SAP\FD.exe" [2007-09-25 202240]
    "McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-22 4838952]
    "MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 20480]
    "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
    "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
    "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
    "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-14 172544]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 1232896]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]
    Post-it© Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe [2004-10-15 2080768]
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk
    backup=C:\WINDOWS\pss\Démarrage rapide de HP Photosmart Premier.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
    backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Perstray.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Perstray.lnk
    backup=C:\WINDOWS\pss\Perstray.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
    path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
    backup=C:\WINDOWS\pss\Club Internet.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Dragon NaturallySpeaking.lnk]
    path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Dragon NaturallySpeaking.lnk
    backup=C:\WINDOWS\pss\Dragon NaturallySpeaking.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Act! Preloader]
    --------- 2007-10-23 21:58 393216 C:\Program Files\ACT\Act for Windows\ActSage.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Act.Outlook.Service]
    --------- 2007-10-23 21:55 9728 C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    --a------ 2005-06-20 21:15 344064 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Club-Internet_McciTrayApp]
    --a--c--- 2005-11-15 18:46 543232 C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmSkyped8c8]
    --------- 2007-03-21 12:42 532480 C:\Program Files\Middleware\CmSkype.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a--c--- 2004-10-13 16:04 278528 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    --a------ 2007-10-25 17:37 2178832 C:\Program Files\Logitech\QuickCam\Quickcam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2008-04-14 04:34 1695232 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
    --a------ 2008-03-26 18:41 1232896 C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
    --a------ 2008-04-16 12:53 1079808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2007-08-07 15:29 98304 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    --a------ 2003-09-29 16:00 155648 C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    --a------ 2007-09-01 10:18 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2008-04-17 11:04 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"="0x00000000"
    "UpdatesDisableNotify"="0x00000000"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\ACT\\Act for Windows\\ActSage.exe"=
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R2 MSSQL$ACT7;SQL Server (ACT7);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
    S3 ATMELFVNETusb(AR)(R);ATMEL FVNETusb(AR)(R) Service for ATMEL USB FastVNET (AR);C:\WINDOWS\system32\DRIVERS\vnetusbr.sys [ ]
    Start Pending2 PSI_SVC_2;Protexis Licensing V2;c:\program files\fichiers communs\protexis\license service\psiservice_2.exe [2007-04-12 178752]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{96b6713e-7a77-11dd-9eb6-0015002df1c7}]
    \Shell\AutoRun\command - setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b557da5e-7bb7-11dc-9d50-0015002df1c7}]
    \Shell\AutoRun\command - F:\setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5592d12-2a7c-11dd-9e67-0015002df1c7}]
    \Shell\AutoRun\command - G:\LaunchU3.exe -a

    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\a8r9lroi.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-09 17:41:24
    Windows 5.1.2600 Service Pack 3 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????9?1?9?3??????? ???B?????????????hLC? ??????
    McAfee Backup = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe?????????????????????????????????????????????????????????????????????????????????

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-09-09 17:43:38
    ComboFix-quarantined-files.txt 2008-09-09 15:43:13

    Pre-Run: 14,862,651,392 octets libres
    Post-Run: 14,854,717,440 octets libres

    229 --- E O F --- 2008-09-09 06:54:05

    J'attends donc ton aide avec impatience,

    Cordialement
    0
  3. g!rly Messages postés 18462 Statut Contributeur 407
     
    ;)

    Copie le texte ci-dessous :

    File::
    C:\WINDOWS\system32\hapwnyro.exe

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "enadm"=-

    Ouvre le Bloc-Notes puis colle le texte copié.
    (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

    http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

    Cela va relancer Combofix,

    Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

    Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

    Ne touche à rien tant que le scan n'est pas terminé.

    Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

    S'il n'y a pas de rédémarrage, poste quand même les rapports.

    @+
    0
    1. crooked1 Messages postés 10 Statut Membre
       
      bonjour,

      j'ai fais ce que vous m'aviez conseiller, voila donc les rapports :

      ComboFix 08-09-05.14 - Propriétaire 2008-09-10 9:37:34.2 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.452 [GMT 2:00]
      Endroit: C:\Documents and Settings\Propriétaire\Mes documents\logiciels\ComboFix.exe
      Command switches used :: C:\Documents and Settings\Propriétaire\Bureau\CFScript.txt
      * Création d'un nouveau point de restauration
      * Resident AV is active


      [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\WINDOWS\system32\hapwnyro.exe

      .
      ((((((((((((((((((((((((((((( Fichiers créés 2008-08-10 to 2008-09-10 ))))))))))))))))))))))))))))))))))))
      .

      2008-09-09 12:05 . 2008-09-09 12:05 <REP> d-------- C:\Program Files\Opera
      2008-09-09 11:43 . 2008-09-09 11:50 4,796 --a------ C:\WINDOWS\system32\tmp.reg
      2008-09-09 10:50 . 2008-09-09 10:50 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
      2008-09-09 10:50 . 2008-09-09 10:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-09-09 08:58 . 2008-09-09 08:59 <REP> d-------- C:\Program Files\Executive Software
      2008-09-08 13:07 . 2008-09-08 13:07 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
      2008-09-08 13:07 . 2008-09-08 13:07 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
      2008-09-08 13:07 . 2008-09-08 13:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2008-09-08 13:07 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
      2008-09-08 13:07 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
      2008-09-08 09:36 . 2008-09-08 09:36 <REP> d-------- C:\Program Files\CCleaner
      2008-09-08 01:18 . 2008-09-08 01:18 105,952 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
      2008-09-08 01:11 . 2008-09-08 01:11 <REP> d-------- C:\WINDOWS\system32\fr
      2008-09-08 01:11 . 2008-09-08 01:11 <REP> d-------- C:\WINDOWS\system32\bits
      2008-09-08 01:08 . 2008-09-08 01:08 <REP> d-------- C:\WINDOWS\EHome
      2008-09-07 21:33 . 2008-09-07 21:33 <REP> d-------- C:\WINDOWS\l2schemas
      2008-09-07 21:29 . 2008-09-07 21:34 <REP> d-------- C:\WINDOWS\ServicePackFiles
      2008-09-05 18:28 . 2008-09-05 18:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\abynghcv
      2008-09-03 12:01 . 2008-04-11 21:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-09-09 15:24 952 --sha-w C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
      2008-09-09 06:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
      2008-09-08 08:10 --------- d-----w C:\Program Files\Java
      2008-09-08 07:48 --------- d-----w C:\Program Files\Google
      2008-09-07 23:08 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\McAfee
      2008-09-07 23:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
      2008-09-07 20:21 --------- d-----w C:\Program Files\Windows Media Connect 2
      2008-09-07 15:04 --------- d-----w C:\Program Files\Readiris Pro 10
      2008-09-07 15:04 --------- d-----w C:\Program Files\PerSono
      2008-09-07 15:04 --------- d-----w C:\Program Files\Microsoft Works
      2008-09-07 15:03 --------- d-----w C:\Program Files\DivX
      2008-09-07 15:03 --------- d-----w C:\Program Files\Cardiris 3 LE
      2008-09-07 15:03 --------- d-----w C:\Program Files\Apoint2K
      2008-09-07 13:40 --------- d-----w C:\Program Files\Microsoft SQL Server
      2008-09-05 07:14 --------- d-----w C:\Program Files\McAfee
      2008-09-04 11:49 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\U3
      2008-08-05 15:36 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
      2008-08-04 14:45 8,286 ----a-w C:\Documents and Settings\Propriétaire\Application Data\wklnhst.dat
      2008-07-31 08:55 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Canon
      2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
      2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
      2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
      2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
      2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
      2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
      2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
      2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
      2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
      2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
      2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
      2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
      2008-06-24 12:37 2,874 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\SAS7_000.DAT
      2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
      2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
      2008-06-18 17:52 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
      2008-06-11 00:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
      2008-06-11 00:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
      2008-06-11 00:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll
      2008-06-11 00:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
      2008-06-11 00:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
      2008-06-11 00:04 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
      2008-06-11 00:04 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
      2008-03-11 18:00 88 --sh--r C:\Documents and Settings\All Users\Application Data\78E01F653E.sys
      2007-12-26 13:17 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
      2007-08-27 15:22 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
      2007-08-09 10:23 88 --sh--r C:\WINDOWS\system32\78E01F653E.sys
      2008-03-11 17:00 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
      .

      ((((((((((((((((((((((((((((( snapshot@2008-09-09_17.42.43.54 )))))))))))))))))))))))))))))))))))))))))
      .
      - 2008-09-09 15:20:55 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
      + 2008-09-10 07:12:22 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
      - 2008-09-09 15:20:55 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
      + 2008-09-10 07:12:22 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
      + 2008-09-10 07:12:22 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
      + 2008-09-10 07:26:11 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_220.dat
      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
      "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
      "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
      "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
      "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
      "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2005-02-08 159744]
      "Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-03-29 233534]
      "eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
      "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-05-04 794624]
      "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
      "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
      "SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2007-02-09 36904]
      "FD_SAP"="C:\WINDOWS\System32\Drivers\SAP\FD.exe" [2007-09-25 202240]
      "McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-22 4838952]
      "MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 20480]
      "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
      "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
      "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
      "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 1232896]

      C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
      HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]
      Post-it© Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe [2004-10-15 2080768]
      Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk]
      path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk
      backup=C:\WINDOWS\pss\Démarrage rapide de HP Photosmart Premier.lnkCommon Startup

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
      path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
      backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
      path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
      backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Perstray.lnk]
      path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Perstray.lnk
      backup=C:\WINDOWS\pss\Perstray.lnkCommon Startup

      [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
      path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
      backup=C:\WINDOWS\pss\Club Internet.lnkStartup

      [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Dragon NaturallySpeaking.lnk]
      path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Dragon NaturallySpeaking.lnk
      backup=C:\WINDOWS\pss\Dragon NaturallySpeaking.lnkStartup

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Act! Preloader]
      --------- 2007-10-23 21:58 393216 C:\Program Files\ACT\Act for Windows\ActSage.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Act.Outlook.Service]
      --------- 2007-10-23 21:55 9728 C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
      --a------ 2005-06-20 21:15 344064 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Club-Internet_McciTrayApp]
      --a--c--- 2005-11-15 18:46 543232 C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmSkyped8c8]
      --------- 2007-03-21 12:42 532480 C:\Program Files\Middleware\CmSkype.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      --a--c--- 2004-10-13 16:04 278528 C:\Program Files\iTunes\iTunesHelper.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
      --a------ 2007-10-25 17:37 2178832 C:\Program Files\Logitech\QuickCam\Quickcam.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
      --a------ 2008-04-14 04:34 1695232 C:\Program Files\Messenger\msmsgs.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
      --a------ 2008-03-26 18:41 1232896 C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
      --a------ 2008-04-16 12:53 1079808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
      --a------ 2007-08-07 15:29 98304 C:\Program Files\QuickTime\qttask.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
      --a------ 2003-09-29 16:00 155648 C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
      --a------ 2007-09-01 10:18 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
      --a------ 2008-04-17 11:04 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\iTunes\\iTunes.exe"=
      "C:\\Program Files\\ACT\\Act for Windows\\ActSage.exe"=
      "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
      "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
      "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
      "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
      "C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

      R2 MSSQL$ACT7;SQL Server (ACT7);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
      S3 ATMELFVNETusb(AR)(R);ATMEL FVNETusb(AR)(R) Service for ATMEL USB FastVNET (AR);C:\WINDOWS\system32\DRIVERS\vnetusbr.sys [ ]
      Start Pending2 PSI_SVC_2;Protexis Licensing V2;c:\program files\fichiers communs\protexis\license service\psiservice_2.exe [2007-04-12 178752]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{96b6713e-7a77-11dd-9eb6-0015002df1c7}]
      \Shell\AutoRun\command - setupSNK.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b557da5e-7bb7-11dc-9d50-0015002df1c7}]
      \Shell\AutoRun\command - F:\setupSNK.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5592d12-2a7c-11dd-9e67-0015002df1c7}]
      \Shell\AutoRun\command - G:\LaunchU3.exe -a
      .
      Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
      .

      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-09-10 09:43:00
      Windows 5.1.2600 Service Pack 3 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????9?1?9?3??????? ???B?????????????hLC? ??????
      McAfee Backup = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe?????????????????????????????????????????????????????????????????????????????????

      Balayage des fichiers cachés ...

      Scan terminé avec succès
      Les fichiers cachés: 0

      **************************************************************************
      .
      Temps d'accomplissement: 2008-09-10 9:45:25
      ComboFix-quarantined-files.txt 2008-09-10 07:45:05
      ComboFix2.txt 2008-09-09 15:43:40

      Pre-Run: 15,445,172,224 octets libres
      Post-Run: 15,416,594,432 octets libres

      231 --- E O F --- 2008-09-10 07:35:41


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 10:08:54, on 10/09/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16705)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
      C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\McAfee\MBK\MBackMonitor.exe
      C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
      c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
      C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
      C:\Program Files\Apoint2K\Apoint.exe
      C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
      C:\Program Files\McAfee\MPF\MPFSrv.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
      C:\Program Files\McAfee\MSK\MskSrver.exe
      C:\WINDOWS\System32\Drivers\SAP\FD.exe
      C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
      C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
      C:\Program Files\McAfee.com\Agent\mcagent.exe
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
      c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
      C:\Program Files\SiteAdvisor\6261\SAService.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      C:\WINDOWS\system32\SearchIndexer.exe
      C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\PROGRA~1\MICROS~2\rapimgr.exe
      C:\Program Files\3M\PSNLite\PsnLite.exe
      C:\Program Files\Windows Desktop Search\WindowsSearch.exe
      C:\PROGRA~1\3M\PSNLite\PSNGive.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      C:\Program Files\HPQ\SHARED\HPQWMI.exe
      C:\WINDOWS\system32\SearchProtocolHost.exe
      C:\Documents and Settings\Propriétaire\Mes documents\logiciels\HiJackThis.exe
      C:\WINDOWS\system32\wuauclt.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
      O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
      O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
      O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
      O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
      O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
      O4 - HKLM\..\Run: [FD_SAP] C:\WINDOWS\System32\Drivers\SAP\FD.exe
      O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
      O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
      O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
      O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
      O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
      O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
      O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
      O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
      O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
      O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
      O9 - Extra button: Joindre la page Web au contact ACT! - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
      O9 - Extra 'Tools' menuitem: Joindre la page Web au contact ACT!... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5125/mcfscan.cab
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
      O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
      O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
      O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
      O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
      O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
      O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
      O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
      O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
      O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
      O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
      O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      0
  4. g!rly Messages postés 18462 Statut Contributeur 407
     
    Salut crooked1,

    bien joué...

    * Télécharge OTMoveIt2 (de Old_Timer) sur ton bureau : http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
    * Double-clique sur OTMoveIt.exe pour lancer le programme,
    * Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste Custom List of Files/Folders to Move" :

    C:\Documents and Settings\All Users\Application Data\abynghcv

    * Clique sur MoveIt! pour lancer la suppression,
    * Le résultat appraraîtra dans le cadre Results.
    * Clique sur Exit pour fermer le programme.
    * Poste le rapport qui est situé ici : C:\\\_OTMoveIt\MovedFiles
    * Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.

    puis passe ceci :

    Télécharge Lop S&D (de Angeldark et Eric71) sur le Bureau :
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    [*]Double-clique sur Lop S&D.exe pour lancer l'installation,
    [*]Puis double-clique sur le raccourci Lop S&D présent sur le Bureau.
    [*]Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
    Le scan prend moins d'une minute.
    [*]A l'issue du scan, le bloc-notes va s'ouvrir avec le résultat de la recherche.
    [*]Enregistre le rapport LopR.txt sur le Bureau pour le retrouver facilement, sinon il sauvegardé à la racine de la partition système : C:\LopR.txt

    Post les deux rapports stp

    @+
    0
    1. crooked1 Messages postés 10 Statut Membre
       
      bonjour,

      voici les rapports:


      C:\Documents and Settings\All Users\Application Data\abynghcv moved successfully.

      OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09102008_133028



      --------------------\\ Lop S&D 4.2.4-2 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
      BIOS : Ver 1.00PARTTBLh
      USER : Propriétaire ( Administrator )
      BOOT : Normal boot
      Antivirus : McAfee VirusScan (Activated)
      Firewall : McAfee Personal Firewall (Activated)

      "C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
      Option : [1] ( 10/09/2008|13:34 )

      --------------------\\ Listing des dossiers dans APPLIC~1

      [11/03/2008|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACT
      [14/02/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [07/08/2007|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
      [09/03/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BSD
      [16/12/2007|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BSD Concept
      [27/06/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
      [09/08/2007|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
      [23/09/2007|23:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
      [13/03/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GeoConcept
      [29/08/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [09/09/2008|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [24/09/2007|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
      [07/08/2007|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
      [13/06/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
      [07/08/2007|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [02/03/2008|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
      [23/02/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
      [08/09/2008|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
      [18/10/2007|09:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
      [11/09/2007|09:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
      [05/01/2008|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [08/09/2008|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
      [08/08/2007|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
      [08/08/2007|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
      [11/09/2007|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
      [08/08/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nuance
      [05/01/2008|11:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
      [17/02/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
      [08/08/2007|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage Software SB, Inc
      [11/03/2008|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage Software, Inc
      [27/06/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
      [12/09/2007|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
      [26/12/2007|15:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [29/08/2007|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [09/09/2008|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
      [08/08/2007|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [06/05/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno

      [05/10/2007|10:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
      [07/08/2007|14:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [08/09/2008|00:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
      [11/09/2007|09:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor

      [22/09/2007|09:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
      [22/09/2007|09:09] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
      [25/04/2008|18:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\McAfee
      [18/10/2007|14:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
      [31/08/2007|16:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Nuance
      [09/12/2007|09:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\SiteAdvisor

      [07/10/2007|19:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\3M
      [11/03/2008|19:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\ACT
      [19/12/2007|17:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
      [10/09/2007|10:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
      [07/08/2007|15:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
      [16/12/2007|15:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSD
      [26/01/2008|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSD Concept
      [08/08/2007|15:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSDh9
      [31/07/2008|10:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
      [23/09/2007|15:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\DeepBurner
      [17/02/2008|18:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
      [28/11/2007|16:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
      [14/03/2008|15:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
      [30/10/2007|19:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP
      [07/08/2007|15:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
      [12/03/2008|13:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
      [15/12/2007|13:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
      [11/03/2008|20:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\IsolatedStorage
      [08/12/2007|20:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
      [08/09/2008|13:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
      [08/09/2008|01:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\McAfee
      [05/08/2008|11:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
      [01/10/2007|13:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
      [05/01/2008|12:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nokia
      [05/01/2008|16:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nokia Multimedia Player
      [08/08/2007|17:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nuance
      [05/08/2008|17:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
      [09/09/2008|12:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Opera
      [05/01/2008|11:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\PC Suite
      [12/09/2007|22:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
      [27/06/2008|13:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
      [23/01/2008|15:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\SiteAdvisor
      [27/06/2008|16:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
      [27/06/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
      [03/09/2007|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
      [28/08/2007|13:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
      [01/10/2007|13:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
      [11/02/2008|10:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
      [04/09/2008|13:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\U3
      [27/01/2008|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
      [28/01/2008|01:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Desktop Search

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [09/09/2008 09:02][--a------] C:\WINDOWS\tasks\rpc.job
      [11/09/2007 09:27][--a------] C:\WINDOWS\tasks\McDefragTask.job
      [11/09/2007 09:27][--a------] C:\WINDOWS\tasks\McQcTask.job
      [10/09/2008 13:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [07/10/2007|19:02] C:\Program Files\3M
      [14/09/2007|12:19] C:\Program Files\Acro Software
      [31/08/2007|13:18] C:\Program Files\ACT
      [25/06/2008|10:40] C:\Program Files\Adobe
      [29/11/2007|20:25] C:\Program Files\Ahead
      [07/08/2007|15:09] C:\Program Files\Analog Devices
      [07/09/2008|17:03] C:\Program Files\Apoint2K
      [27/06/2008|12:58] C:\Program Files\ArcSoft
      [18/10/2007|11:14] C:\Program Files\Astonsoft
      [07/08/2007|15:12] C:\Program Files\ATI Technologies
      [17/10/2007|12:44] C:\Program Files\Bluetooth PhoneManager
      [20/01/2008|20:25] C:\Program Files\BSD Concept
      [27/06/2008|13:05] C:\Program Files\Canon
      [27/06/2008|12:06] C:\Program Files\CanonBJ
      [07/09/2008|17:03] C:\Program Files\Cardiris 3 LE
      [08/09/2008|09:36] C:\Program Files\CCleaner
      [08/08/2007|18:49] C:\Program Files\Club-Internet
      [08/08/2007|18:42] C:\Program Files\Common Files
      [07/08/2007|14:40] C:\Program Files\ComPlus Applications
      [05/01/2008|11:53] C:\Program Files\DIFX
      [07/09/2008|17:03] C:\Program Files\DivX
      [08/08/2007|10:28] C:\Program Files\epson
      [09/09/2008|08:59] C:\Program Files\Executive Software
      [10/09/2008|09:41] C:\Program Files\Fichiers communs
      [08/09/2008|09:48] C:\Program Files\Google
      [14/09/2007|12:21] C:\Program Files\GPLGS
      [07/08/2007|15:23] C:\Program Files\Hewlett-Packard
      [24/05/2008|22:32] C:\Program Files\Hp
      [28/08/2007|13:27] C:\Program Files\HPQ
      [27/06/2008|12:58] C:\Program Files\InstallShield Installation Information
      [28/08/2007|13:22] C:\Program Files\Intel
      [03/09/2008|15:01] C:\Program Files\Internet Explorer
      [28/08/2007|13:28] C:\Program Files\InterVideo
      [07/08/2007|15:28] C:\Program Files\iPod
      [07/08/2007|15:28] C:\Program Files\iTunes
      [08/09/2008|10:10] C:\Program Files\Java
      [02/03/2008|21:05] C:\Program Files\Logitech
      [08/09/2008|13:07] C:\Program Files\Malwarebytes' Anti-Malware
      [05/09/2008|09:14] C:\Program Files\McAfee
      [11/09/2007|09:46] C:\Program Files\McAfee.com
      [08/09/2008|01:03] C:\Program Files\Messenger
      [24/05/2008|20:38] C:\Program Files\Microsoft ActiveSync
      [09/08/2007|14:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [07/08/2007|14:44] C:\Program Files\microsoft frontpage
      [05/08/2008|11:29] C:\Program Files\Microsoft Office
      [07/09/2008|15:40] C:\Program Files\Microsoft SQL Server
      [13/06/2008|14:15] C:\Program Files\Microsoft Visual Studio
      [07/09/2008|17:04] C:\Program Files\Microsoft Works
      [08/08/2007|16:52] C:\Program Files\Microsoft.NET
      [19/02/2008|14:33] C:\Program Files\Middleware
      [07/08/2007|16:09] C:\Program Files\MobiMate
      [08/09/2008|01:04] C:\Program Files\Movie Maker
      [10/09/2008|12:56] C:\Program Files\Mozilla Firefox
      [07/08/2007|14:39] C:\Program Files\MSN
      [07/08/2007|14:39] C:\Program Files\MSN Gaming Zone
      [28/08/2007|13:01] C:\Program Files\MSXML 4.0
      [24/08/2007|23:06] C:\Program Files\MSXML 6.0
      [05/04/2008|18:39] C:\Program Files\NAVIGON GmbH
      [08/09/2008|01:04] C:\Program Files\NetMeeting
      [27/01/2008|20:14] C:\Program Files\Neuf
      [13/06/2008|15:39] C:\Program Files\Nokia
      [08/08/2007|16:59] C:\Program Files\Nuance
      [07/08/2007|14:39] C:\Program Files\Online Services
      [13/11/2007|11:13] C:\Program Files\OpenOffice.org 2.3
      [09/09/2008|12:05] C:\Program Files\Opera
      [08/09/2008|01:09] C:\Program Files\Outlook Express
      [13/06/2008|15:35] C:\Program Files\PC Connectivity Solution
      [07/09/2008|17:04] C:\Program Files\PerSono
      [07/08/2007|15:29] C:\Program Files\QuickTime
      [07/09/2008|17:04] C:\Program Files\Readiris Pro 10
      [11/09/2007|12:43] C:\Program Files\Real
      [27/06/2008|13:01] C:\Program Files\ScanSoft
      [07/08/2007|14:42] C:\Program Files\Services en ligne
      [28/08/2007|16:38] C:\Program Files\SHARP 3G GSM USB Driver
      [24/05/2008|20:14] C:\Program Files\SiteAdvisor
      [26/12/2007|15:13] C:\Program Files\Skype
      [07/08/2007|15:31] C:\Program Files\Sonic
      [09/09/2008|10:50] C:\Program Files\Spybot - Search & Destroy
      [07/08/2007|15:04] C:\Program Files\Uninstall Information
      [08/08/2007|21:49] C:\Program Files\Windows Desktop Search
      [07/09/2008|22:21] C:\Program Files\Windows Media Connect 2
      [08/09/2008|01:04] C:\Program Files\Windows Media Player
      [08/09/2008|01:04] C:\Program Files\Windows NT
      [07/08/2007|14:42] C:\Program Files\WindowsUpdate
      [06/05/2008|13:28] C:\Program Files\Winferno
      [08/12/2007|20:15] C:\Program Files\WordView
      [07/08/2007|14:44] C:\Program Files\xerox

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [14/02/2008|13:22] C:\Program Files\Fichiers communs\Adobe
      [13/06/2008|14:15] C:\Program Files\Fichiers communs\DESIGNER
      [17/02/2008|18:18] C:\Program Files\Fichiers communs\FotoWire
      [29/08/2007|17:19] C:\Program Files\Fichiers communs\HP
      [07/08/2007|15:33] C:\Program Files\Fichiers communs\InstallShield
      [07/08/2007|15:33] C:\Program Files\Fichiers communs\Java
      [02/03/2008|21:15] C:\Program Files\Fichiers communs\LogiShrd
      [17/02/2008|18:14] C:\Program Files\Fichiers communs\Logitech
      [11/11/2007|14:31] C:\Program Files\Fichiers communs\McAfee
      [28/07/2008|09:59] C:\Program Files\Fichiers communs\Microsoft Shared
      [08/08/2007|18:42] C:\Program Files\Fichiers communs\Motive
      [07/08/2007|14:41] C:\Program Files\Fichiers communs\MSSoap
      [06/10/2007|11:42] C:\Program Files\Fichiers communs\Nero
      [13/06/2008|15:40] C:\Program Files\Fichiers communs\Nokia
      [07/08/2007|16:24] C:\Program Files\Fichiers communs\ODBC
      [13/06/2008|15:40] C:\Program Files\Fichiers communs\PCSuite
      [11/03/2008|19:47] C:\Program Files\Fichiers communs\Protexis
      [17/04/2008|11:07] C:\Program Files\Fichiers communs\Real
      [08/08/2007|16:59] C:\Program Files\Fichiers communs\Scansoft Shared
      [07/08/2007|14:41] C:\Program Files\Fichiers communs\Services
      [27/06/2008|12:01] C:\Program Files\Fichiers communs\Skype
      [29/08/2007|17:20] C:\Program Files\Fichiers communs\Sonic Shared
      [07/08/2007|16:24] C:\Program Files\Fichiers communs\SpeechEngines
      [07/08/2007|15:31] C:\Program Files\Fichiers communs\SureThing Shared
      [08/09/2008|01:09] C:\Program Files\Fichiers communs\System
      [07/08/2007|15:32] C:\Program Files\Fichiers communs\TiVo Shared
      [17/04/2008|11:08] C:\Program Files\Fichiers communs\xing shared

      --------------------\\ Process

      ( 64 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
      C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4

      --------------------\\ Verification du Registre

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-09-10 13:35:46
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 0

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !

      [F:16][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [F:22][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
      [F:91][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 10/09/2008|13:38 - Option : [1]

      --------------------\\ Fin du rapport a 13:38:29

      Voila,
      merci de votre réponse

      @ +
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. g!rly Messages postés 18462 Statut Contributeur 407
     
    ok

    passe l´option 2 de lopsd et post le rapport

    puis

    passe ceci :

    Télécharge Clean:

    -> http://www.malekal.com/download/clean.zip

    -> Dézippe tout le contenu dans un dossier que tu auras cré au préalable (sur ton bureau par exemple). Double clic sur clean ou clean.cmd choisie l'option 1.

    Un rapport va s'ouvrir, copie et colle le contenu sur le forum.

    -> pour ceux ou celles qui auraient un doute sur comment deziper un fichier :

    http://www.tutopat.com/viewtopic.php?t=933&sid=34215b238376bfb22ef9e8eca9995914

    ps : si on te demande d´envoyer un fichier sur le site de malekal ne le fais pas, contente toi de suivre les indications de la fenêtre noire (cmd)

    @+
    0
    1. crooked1 Messages postés 10 Statut Membre
       
      voila les rapports :


      --------------------\\ Lop S&D 4.2.4-2 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
      BIOS : Ver 1.00PARTTBLh
      USER : Propriétaire ( Administrator )
      BOOT : Normal boot
      Antivirus : McAfee VirusScan (Activated)
      Firewall : McAfee Personal Firewall (Activated)

      "C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
      Option : [2] ( 10/09/2008|14:01 )


      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4
      Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData

      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


      --------------------\\ Listing des dossiers dans APPLIC~1

      [11/03/2008|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACT
      [14/02/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [07/08/2007|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
      [09/03/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BSD
      [16/12/2007|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BSD Concept
      [27/06/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
      [09/08/2007|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
      [13/03/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GeoConcept
      [29/08/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
      [09/09/2008|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
      [24/09/2007|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
      [07/08/2007|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
      [13/06/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
      [07/08/2007|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
      [02/03/2008|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
      [23/02/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
      [08/09/2008|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
      [18/10/2007|09:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
      [11/09/2007|09:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
      [05/01/2008|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [10/09/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
      [08/08/2007|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
      [08/08/2007|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
      [11/09/2007|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
      [08/08/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nuance
      [05/01/2008|11:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
      [17/02/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
      [08/08/2007|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage Software SB, Inc
      [11/03/2008|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage Software, Inc
      [27/06/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
      [12/09/2007|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
      [26/12/2007|15:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
      [29/08/2007|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
      [09/09/2008|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
      [08/08/2007|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [06/05/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno

      [05/10/2007|10:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
      [07/08/2007|14:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [08/09/2008|00:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
      [11/09/2007|09:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor

      [22/09/2007|09:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
      [22/09/2007|09:09] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
      [25/04/2008|18:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\McAfee
      [18/10/2007|14:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
      [31/08/2007|16:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Nuance
      [09/12/2007|09:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\SiteAdvisor

      [07/10/2007|19:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\3M
      [11/03/2008|19:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\ACT
      [19/12/2007|17:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
      [10/09/2007|10:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
      [07/08/2007|15:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
      [16/12/2007|15:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSD
      [26/01/2008|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSD Concept
      [08/08/2007|15:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSDh9
      [31/07/2008|10:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
      [23/09/2007|15:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\DeepBurner
      [17/02/2008|18:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
      [28/11/2007|16:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
      [14/03/2008|15:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
      [30/10/2007|19:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP
      [07/08/2007|15:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
      [12/03/2008|13:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
      [15/12/2007|13:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
      [11/03/2008|20:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\IsolatedStorage
      [08/12/2007|20:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
      [08/09/2008|13:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
      [08/09/2008|01:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\McAfee
      [05/08/2008|11:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
      [01/10/2007|13:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
      [05/01/2008|12:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nokia
      [05/01/2008|16:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nokia Multimedia Player
      [08/08/2007|17:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nuance
      [05/08/2008|17:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
      [09/09/2008|12:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Opera
      [05/01/2008|11:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\PC Suite
      [12/09/2007|22:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
      [27/06/2008|13:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
      [23/01/2008|15:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\SiteAdvisor
      [27/06/2008|16:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
      [27/06/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
      [03/09/2007|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
      [28/08/2007|13:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
      [01/10/2007|13:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
      [11/02/2008|10:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
      [04/09/2008|13:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\U3
      [27/01/2008|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
      [28/01/2008|01:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Desktop Search

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [09/09/2008 09:02][--a------] C:\WINDOWS\tasks\rpc.job
      [11/09/2007 09:27][--a------] C:\WINDOWS\tasks\McDefragTask.job
      [11/09/2007 09:27][--a------] C:\WINDOWS\tasks\McQcTask.job
      [10/09/2008 13:45][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [07/10/2007|19:02] C:\Program Files\3M
      [14/09/2007|12:19] C:\Program Files\Acro Software
      [31/08/2007|13:18] C:\Program Files\ACT
      [25/06/2008|10:40] C:\Program Files\Adobe
      [29/11/2007|20:25] C:\Program Files\Ahead
      [07/08/2007|15:09] C:\Program Files\Analog Devices
      [07/09/2008|17:03] C:\Program Files\Apoint2K
      [27/06/2008|12:58] C:\Program Files\ArcSoft
      [18/10/2007|11:14] C:\Program Files\Astonsoft
      [07/08/2007|15:12] C:\Program Files\ATI Technologies
      [17/10/2007|12:44] C:\Program Files\Bluetooth PhoneManager
      [20/01/2008|20:25] C:\Program Files\BSD Concept
      [27/06/2008|13:05] C:\Program Files\Canon
      [27/06/2008|12:06] C:\Program Files\CanonBJ
      [07/09/2008|17:03] C:\Program Files\Cardiris 3 LE
      [08/09/2008|09:36] C:\Program Files\CCleaner
      [08/08/2007|18:49] C:\Program Files\Club-Internet
      [08/08/2007|18:42] C:\Program Files\Common Files
      [07/08/2007|14:40] C:\Program Files\ComPlus Applications
      [05/01/2008|11:53] C:\Program Files\DIFX
      [07/09/2008|17:03] C:\Program Files\DivX
      [08/08/2007|10:28] C:\Program Files\epson
      [09/09/2008|08:59] C:\Program Files\Executive Software
      [10/09/2008|09:41] C:\Program Files\Fichiers communs
      [08/09/2008|09:48] C:\Program Files\Google
      [14/09/2007|12:21] C:\Program Files\GPLGS
      [07/08/2007|15:23] C:\Program Files\Hewlett-Packard
      [24/05/2008|22:32] C:\Program Files\Hp
      [28/08/2007|13:27] C:\Program Files\HPQ
      [27/06/2008|12:58] C:\Program Files\InstallShield Installation Information
      [28/08/2007|13:22] C:\Program Files\Intel
      [03/09/2008|15:01] C:\Program Files\Internet Explorer
      [28/08/2007|13:28] C:\Program Files\InterVideo
      [07/08/2007|15:28] C:\Program Files\iPod
      [07/08/2007|15:28] C:\Program Files\iTunes
      [08/09/2008|10:10] C:\Program Files\Java
      [02/03/2008|21:05] C:\Program Files\Logitech
      [08/09/2008|13:07] C:\Program Files\Malwarebytes' Anti-Malware
      [05/09/2008|09:14] C:\Program Files\McAfee
      [11/09/2007|09:46] C:\Program Files\McAfee.com
      [08/09/2008|01:03] C:\Program Files\Messenger
      [24/05/2008|20:38] C:\Program Files\Microsoft ActiveSync
      [09/08/2007|14:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [07/08/2007|14:44] C:\Program Files\microsoft frontpage
      [05/08/2008|11:29] C:\Program Files\Microsoft Office
      [07/09/2008|15:40] C:\Program Files\Microsoft SQL Server
      [13/06/2008|14:15] C:\Program Files\Microsoft Visual Studio
      [07/09/2008|17:04] C:\Program Files\Microsoft Works
      [08/08/2007|16:52] C:\Program Files\Microsoft.NET
      [19/02/2008|14:33] C:\Program Files\Middleware
      [07/08/2007|16:09] C:\Program Files\MobiMate
      [08/09/2008|01:04] C:\Program Files\Movie Maker
      [10/09/2008|12:56] C:\Program Files\Mozilla Firefox
      [07/08/2007|14:39] C:\Program Files\MSN
      [07/08/2007|14:39] C:\Program Files\MSN Gaming Zone
      [28/08/2007|13:01] C:\Program Files\MSXML 4.0
      [24/08/2007|23:06] C:\Program Files\MSXML 6.0
      [05/04/2008|18:39] C:\Program Files\NAVIGON GmbH
      [08/09/2008|01:04] C:\Program Files\NetMeeting
      [27/01/2008|20:14] C:\Program Files\Neuf
      [13/06/2008|15:39] C:\Program Files\Nokia
      [08/08/2007|16:59] C:\Program Files\Nuance
      [07/08/2007|14:39] C:\Program Files\Online Services
      [13/11/2007|11:13] C:\Program Files\OpenOffice.org 2.3
      [09/09/2008|12:05] C:\Program Files\Opera
      [08/09/2008|01:09] C:\Program Files\Outlook Express
      [13/06/2008|15:35] C:\Program Files\PC Connectivity Solution
      [07/09/2008|17:04] C:\Program Files\PerSono
      [07/08/2007|15:29] C:\Program Files\QuickTime
      [07/09/2008|17:04] C:\Program Files\Readiris Pro 10
      [11/09/2007|12:43] C:\Program Files\Real
      [27/06/2008|13:01] C:\Program Files\ScanSoft
      [07/08/2007|14:42] C:\Program Files\Services en ligne
      [28/08/2007|16:38] C:\Program Files\SHARP 3G GSM USB Driver
      [24/05/2008|20:14] C:\Program Files\SiteAdvisor
      [26/12/2007|15:13] C:\Program Files\Skype
      [07/08/2007|15:31] C:\Program Files\Sonic
      [09/09/2008|10:50] C:\Program Files\Spybot - Search & Destroy
      [07/08/2007|15:04] C:\Program Files\Uninstall Information
      [08/08/2007|21:49] C:\Program Files\Windows Desktop Search
      [07/09/2008|22:21] C:\Program Files\Windows Media Connect 2
      [08/09/2008|01:04] C:\Program Files\Windows Media Player
      [08/09/2008|01:04] C:\Program Files\Windows NT
      [07/08/2007|14:42] C:\Program Files\WindowsUpdate
      [06/05/2008|13:28] C:\Program Files\Winferno
      [08/12/2007|20:15] C:\Program Files\WordView
      [07/08/2007|14:44] C:\Program Files\xerox

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [14/02/2008|13:22] C:\Program Files\Fichiers communs\Adobe
      [13/06/2008|14:15] C:\Program Files\Fichiers communs\DESIGNER
      [17/02/2008|18:18] C:\Program Files\Fichiers communs\FotoWire
      [29/08/2007|17:19] C:\Program Files\Fichiers communs\HP
      [07/08/2007|15:33] C:\Program Files\Fichiers communs\InstallShield
      [07/08/2007|15:33] C:\Program Files\Fichiers communs\Java
      [02/03/2008|21:15] C:\Program Files\Fichiers communs\LogiShrd
      [17/02/2008|18:14] C:\Program Files\Fichiers communs\Logitech
      [11/11/2007|14:31] C:\Program Files\Fichiers communs\McAfee
      [28/07/2008|09:59] C:\Program Files\Fichiers communs\Microsoft Shared
      [08/08/2007|18:42] C:\Program Files\Fichiers communs\Motive
      [07/08/2007|14:41] C:\Program Files\Fichiers communs\MSSoap
      [06/10/2007|11:42] C:\Program Files\Fichiers communs\Nero
      [13/06/2008|15:40] C:\Program Files\Fichiers communs\Nokia
      [07/08/2007|16:24] C:\Program Files\Fichiers communs\ODBC
      [13/06/2008|15:40] C:\Program Files\Fichiers communs\PCSuite
      [11/03/2008|19:47] C:\Program Files\Fichiers communs\Protexis
      [17/04/2008|11:07] C:\Program Files\Fichiers communs\Real
      [08/08/2007|16:59] C:\Program Files\Fichiers communs\Scansoft Shared
      [07/08/2007|14:41] C:\Program Files\Fichiers communs\Services
      [27/06/2008|12:01] C:\Program Files\Fichiers communs\Skype
      [29/08/2007|17:20] C:\Program Files\Fichiers communs\Sonic Shared
      [07/08/2007|16:24] C:\Program Files\Fichiers communs\SpeechEngines
      [07/08/2007|15:31] C:\Program Files\Fichiers communs\SureThing Shared
      [08/09/2008|01:09] C:\Program Files\Fichiers communs\System
      [07/08/2007|15:32] C:\Program Files\Fichiers communs\TiVo Shared
      [17/04/2008|11:08] C:\Program Files\Fichiers communs\xing shared

      --------------------\\ Process

      ( 69 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-09-10 14:04:42
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 0

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      [F:20][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [F:22][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
      [F:91][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 10/09/2008|13:38 - Option : [1]
      2 - "C:\Lop SD\LopR_2.txt" - 10/09/2008|14:10 - Option : [2]

      --------------------\\ Fin du rapport a 14:10:31


      10/09/2008 a 14:12:11,39

      *** Recherche des fichiers dans C:

      *** Recherche des fichiers dans C:\WINDOWS\

      *** Recherche des fichiers dans C:\WINDOWS\system32

      *** Recherche des fichiers dans C:\Program Files
      *** Fin du rapport !

      Merci de la réponse
      0
  7. g!rly Messages postés 18462 Statut Contributeur 407
     
    cool ;)

    Comment va le pc maintenant ?

    Pour verifier :

    Fais un scan en ligne Kaspersky avec Internet Explorer :
    https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    -> Click sur Démarrer Online-Scanner
    -> Click maintenant sur J'accepte.
    -> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
    -> Patiente pendant l'installation des Mises à jour.
    -> Choisis par la suite l'analyse du Poste de travail.
    -> Sauvegarde puis colle le rapport généré en fin d'analyse.

    @+
    0
    1. crooked1 Messages postés 10 Statut Membre
       
      bonjour,

      j'ai fais un scan spybot et déjà il ne trouve plus ' smitfraud' :-). Je vais lancer un scan également. En tout cas merci beaucoup pour l'aide.

      Bonne après-midi.
      0
  8. g!rly Messages postés 18462 Statut Contributeur 407
     
    Ok
    De rien`
    @+
    0