Bonjour à tous jai un petit probléme de virus que avast ma trouver mais qu'il n'arrive pas a supprimé si quelqu'un pouver m'aider sa serai sympa SVP

Salut, commences par ceci : 1- Télécharges et installes le logiciel HijackThis : ici ftp://ftp.commentcamarche.com/download/HJTInstall.exe ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html -->Cliques sur le setup pour lancer l'installe : laisses toi guider et ne modifies pas les paramètres d'installation . A la fin de l'installe , le prg ce lance automatiquement : fermes le en cliquant sur la croix rouge . Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme : "C:\ program files\Trend Micro\HijackThis\HijackThis.exe " . ( ne lance pas ce prg pour l'instant et fais la suite ... ) 2- Télécharges Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau. -> http://images.malwareremoval.com/random/RSIT.exe ! Déconnecte toi et fermes toutes tes applications en cours ! Double-clique sur " RSIT.exe " pour le lancer . -> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " . * Devant l'option "List files/folders created ..." , tu choisis : 2 months * cliques ensuite sur " Continue " pour lancer l'analyse ... -> laisses faire le scan et ne touche pas au PC ... Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note). Postes le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ... ( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )

info.txt logfile of random's system information tool 1.04 2008-10-13 12:54:18 ======Uninstall list====== -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.0.5 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70500000002} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assist TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c Atheros Client Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}\setup.exe" -l0x40c Atheros Wireless LAN MiniPCI card Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}\setup.exe" -l0x40c ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL Correctif pour Windows XP (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe" Correctif pour Windows XP (KB894871)-->"C:\WINDOWS\$NtUninstallKB894871$\spuninst\spuninst.exe" Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB885855-->C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB889673-->C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Correctif Windows XP - KB893056-->C:\WINDOWS\$NtUninstallKB893056$\spuninst\spuninst.exe Correctif Windows XP - KB895200-->"C:\WINDOWS\$NtUninstallKB895200$\spuninst\spuninst.exe" Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll" Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F} Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall InterVideo WinDVD Creator 2-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040} K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c} Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x40c -removeonly Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Office OneNote 2003-->MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9} Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mozilla Firefox (1.5)-->C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5 (fr)" Outil de diagnostic PC TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu" Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Son virtuel TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\Setup.exe" /uninstall Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}\Setup.exe" -l0x9 Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL TOSHIBA Hotkey Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x40c TOSHIBA Software Modem-->Tosmreg -U TOSHIBA TouchPad ON/Off Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x40c TOSHIBA Utilities-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x40c Touch and Launch-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\setup.exe" Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" -l0x40c Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll ======Security center information====== AV: avast! antivirus 4.8.1229 [VPS 081012-0] ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0d08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------

voila c'est fait merci de m'aider

c'est fait j'etais pas assez patient quand jappuyer sur F8 xD [b]SDFix: Version 1.235 [/b] Run by Guillaume on 13/10/2008 at 14:42 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix [b]Checking Services [/b]: Rootkit Found : C:\WINDOWS\system32\drivers\ATI1FNXX.sys - Rootkit Pandex/Cutwail - Protect.sys C:\WINDOWS\system32\drivers\ATI2LSXX.sys - Rootkit Pandex/Cutwail - Protect.sys C:\WINDOWS\system32\drivers\ATI3CJXX.sys - Rootkit Pandex/Cutwail - Protect.sys C:\WINDOWS\system32\drivers\ATI7HOXX.sys - Rootkit Pandex/Cutwail - Protect.sys [b]Name [/b]: tcpsr [b]Path [/b]: \??\C:\WINDOWS\System32\drivers\tcpsr.sys tcpsr - Deleted Restoring Default Security Values Restoring Default Hosts File Restoring Default Desktop Wallpaper Rebooting [b]Checking Files [/b]: Trojan Files Found: C:\WINDOWS\system32\FBHQRARD.dll - Deleted C:\WINDOWS\system32\phcrbgj0eg21.bmp - Deleted C:\autorun.inf - Deleted C:\Documents and Settings\Guillaume\Local Settings\Temp\.tt16.tmp.exe - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt100.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt105.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt10B.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt112.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt11A.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt11F.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt124.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt12B.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt13.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt132.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt138.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt13E.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt14.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt143.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt147.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt14C.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt14F.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt15.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt16.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt17.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt18.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt19.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt1B.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt1FD.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt22.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt23A.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt241.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt246.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt256.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt26.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt28.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt2A.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt2D.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt34.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt39.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt3A.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt3C.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt3D.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt43.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt46.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt47.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt4A.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt4C.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt4F.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt52.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt53.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt56.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt58.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt5D.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt5E.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt60.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt65.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt66.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt67.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt69.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt6B.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt6D.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt72.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt73.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt77.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt7A.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt7D.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt83.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt89.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt8B.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt95.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt9F.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttA9.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttB.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttB2.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttB6.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttBA.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttBE.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttC2.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttC8.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttD3.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttDB.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttDF.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttE.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttEB.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttF.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttF4.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttF7.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.ttFB.tmp - Deleted C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\.tt16.tmp.exe - Deleted C:\WINDOWS\system32\rs32net.exe - Deleted C:\WINDOWS\system32\drivers\ATI1FNXX.sys - Deleted C:\WINDOWS\system32\drivers\ATI2LSXX.sys - Deleted C:\WINDOWS\system32\drivers\ATI3CJXX.sys - Deleted C:\WINDOWS\system32\drivers\ATI7HOXX.sys - Deleted Removing Temp Files [b]ADS Check [/b]: [b]Final Check [/b]: catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-13 14:57:46 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 [b]Remaining Services [/b]: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [b]Remaining Files [/b]: File Backups: - C:\SDFix\backups\backups.zip [b]Files with Hidden Attributes [/b]: [b]Finished![/b]

Pb trojan-gen rootkit-gen

Réponse 21 / 31