Problem with kesenjangansocial.exe

18 February 2008 21:17:58

Good evening,

I have a problem with kesenjangansocial. When my computer starts up, it shows me a message saying that "C:\WINDOWS\KesenjanganSocial.exe" cannot be found.

I ran a scan with BitDefender but it doesn't find any virus.
I went looking on forums for solutions but nothing works.

Because of this, as soon as I connect to the internet, it displays the web page but removes the taskbar, and to get my desktop and my taskbar back I have to restart my computer.

It also caused me another problem: I had 9500 "pos" files in TMP format on the C:\ drive and in My Documents, but I managed to delete those after my BitDefender scan. I'm mentioning it just in case.

While waiting for an answer, I thank those who read this and who, I hope, will reply.

See you soon.

18 February 2008 21:26:21

Hi.

Post a Hijackthis report as explained at this link:
http://www.infos-du-net.com/forum/271838-11-tuto-utilis...
It is essential that Hijackthis has been renamed to Hjt before launching the scan and that it is placed in its own folder, somewhere other than on your desktop or in a temporary file.

++
18 February 2008 21:26:23

Hello,

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post this report in your next reply.

&

Download and then install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2

18 February 2008 21:27:13

Go ahead, Angeldark, take it from here. :)

18 February 2008 21:29:54

Thanks.

18 February 2008 22:02:49

here is the combofix report

    ComboFix 08-02-18.1 - cindy 2008-02-18 21:53:06.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.1.1252.1.1036.18.43 [GMT 1:00]
    Endroit: C:\Documents and Settings\cindy\Bureau\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\cindy\Application Data\DOBE~1
    C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd.dat
    C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd.exe
    C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd_nav.dat
    C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd_navps.dat
    C:\Documents and Settings\cindy\ResErrors.log
    C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon
    C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\domains.txt
    C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\log.txt
    C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon
    C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon\domains.txt
    C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon\log.txt
    C:\Program Files\network monitor
    C:\WINDOWS\a3Vyb3dpYWs\
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\Downloaded Program Files\UGESV_0001_N122M2811NetInstaller.exe
    C:\WINDOWS\system32\atmtd.dll._
    C:\WINDOWS\system32\awtsqnk.dll
    C:\WINDOWS\system32\caohhmyu.tmp
    C:\WINDOWS\system32\cbcdd.ini
    C:\WINDOWS\system32\cbcdd.ini2
    C:\WINDOWS\system32\cyrdclvm.dll
    C:\WINDOWS\system32\ddcbc.dll
    C:\WINDOWS\system32\efcbaxy.dll
    C:\WINDOWS\system32\eiruybbp.dll
    C:\WINDOWS\system32\exmianlc.ini
    C:\WINDOWS\system32\kquviprr.dll
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\msssc.dll
    C:\WINDOWS\system32\nGpxx01
    C:\WINDOWS\system32\nGpxx01\nGpxx011065.exe
    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\pac.txt
    C:\WINDOWS\system32\tpgsyfjx.ini
    C:\WINDOWS\system32\uymhhoac.dll
    C:\WINDOWS\system32\vgbxyowe.dllbox
    C:\WINDOWS\system32\windows
    C:\WINDOWS\uninstall_nmon.vbs

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_CMDSERVICE
    -------\LEGACY_NETWORK_MONITOR
    -------\cmdService
    -------\Network Monitor




    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-18 to 2008-02-18 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-18 20:34 . 2002-12-06 17:37 503,808 --a------ C:\WINDOWS\system32\xreglib.dll.tmppnd
    2008-02-18 20:34 . 2008-02-18 20:34 81,984 --a------ C:\WINDOWS\system32\bdod.bin
    2008-02-18 15:01 . 2008-02-18 15:01 71,040 --a------ C:\WINDOWS\system32\drivers\bdfndisf.sys.avxpnd
    2008-02-18 14:41 . 2008-02-18 14:41 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Bitdefender
    2008-02-18 14:11 . 2008-02-18 15:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
    2008-02-18 14:10 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Softwin
    2008-02-18 14:09 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
    2008-02-18 14:05 . 2008-02-18 14:05 268 --ah----- C:\sqmdata19.sqm
    2008-02-18 14:05 . 2008-02-18 14:05 244 --ah----- C:\sqmnoopt19.sqm
    2008-02-18 13:58 . 2008-02-18 13:58 268 --ah----- C:\sqmdata18.sqm
    2008-02-18 13:58 . 2008-02-18 13:58 244 --ah----- C:\sqmnoopt18.sqm
    2008-02-18 13:42 . 2008-02-18 13:42 2,676 --a------ C:\WINDOWS\system32\tmp.reg
    2008-02-18 13:41 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-02-18 13:41 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-02-18 13:41 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-02-18 13:41 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-02-18 13:41 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-02-18 13:41 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmnoopt17.sqm
    2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmdata17.sqm
    2008-02-18 13:35 . 2008-02-18 13:35 268 --ah----- C:\sqmdata16.sqm
    2008-02-18 13:35 . 2008-02-18 13:35 244 --ah----- C:\sqmnoopt16.sqm
    2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmnoopt15.sqm
    2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmdata15.sqm
    2008-02-18 13:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-02-18 12:26 . 2008-02-18 12:26 268 --ah----- C:\sqmdata14.sqm
    2008-02-18 12:26 . 2008-02-18 12:26 244 --ah----- C:\sqmnoopt14.sqm
    2008-02-18 12:06 . 2008-02-18 18:58 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    2008-02-18 11:58 . 2008-02-18 11:58 268 --ah----- C:\sqmdata13.sqm
    2008-02-18 11:58 . 2008-02-18 11:58 244 --ah----- C:\sqmnoopt13.sqm
    2008-02-18 10:40 . 2008-02-18 10:40 268 --ah----- C:\sqmdata12.sqm
    2008-02-18 10:40 . 2008-02-18 10:40 244 --ah----- C:\sqmnoopt12.sqm
    2008-02-18 10:18 . 2008-02-18 10:18 268 --ah----- C:\sqmdata11.sqm
    2008-02-18 10:18 . 2008-02-18 10:18 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-17 20:25 . 2008-02-17 20:25 268 --ah----- C:\sqmdata10.sqm
    2008-02-17 20:25 . 2008-02-17 20:25 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-17 18:05 . 2008-02-17 18:05 268 --ah----- C:\sqmdata09.sqm
    2008-02-17 18:05 . 2008-02-17 18:05 244 --ah----- C:\sqmnoopt09.sqm
    2008-02-17 16:44 . 2008-02-17 16:44 <REP> d-------- C:\Program Files\Alwil Software
    2008-02-17 15:41 . 2008-02-17 15:39 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-02-17 15:41 . 2008-02-17 15:41 3,465 --a------ C:\WINDOWS\unins000.dat
    2008-02-17 15:34 . 2008-02-17 17:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2008-02-17 15:16 . 2008-02-17 20:26 <REP> d-------- C:\Documents and Settings\cindy\Contacts
    2008-02-17 14:47 . 2008-02-17 14:47 <REP> d-------- C:\Documents and Settings\cindy\Application Data\AntivirusOrdi
    2008-02-17 14:47 . 2008-02-17 14:47 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
    2008-02-17 14:46 . 2008-02-17 14:46 191,512 --a------ C:\Documents and Settings\cindy\Application Data\install_fr[1].exe
    2008-02-17 14:46 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
    2008-02-17 14:46 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
    2008-02-17 13:20 . 2008-02-17 13:20 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
    2008-02-16 13:08 . 2008-02-17 17:24 <REP> d-------- C:\WINDOWS\system32\yw3
    2008-02-16 13:08 . 2008-02-17 17:23 <REP> d-------- C:\WINDOWS\system32\rp1
    2008-02-16 13:08 . 2008-02-16 13:08 <REP> d-------- C:\WINDOWS\system32\mq9
    2008-02-11 20:55 . 2008-02-11 20:55 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Apple Computer
    2008-02-11 20:54 . 2008-02-11 20:55 <REP> d-------- C:\Program Files\iTunes
    2008-02-11 20:54 . 2008-02-11 20:54 <REP> d-------- C:\Program Files\iPod
    2008-02-11 20:52 . 2008-02-11 20:53 <REP> d-------- C:\Program Files\QuickTime
    2008-02-11 20:52 . 2008-02-11 20:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
    2008-02-11 20:51 . 2008-02-11 20:51 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
    2008-02-10 17:17 . 2008-02-10 17:18 <REP> d-------- C:\Documents and Settings\cindy\Application Data\MSN6
    2008-02-10 17:17 . 2008-02-10 17:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    2008-02-10 16:37 . 2008-02-10 16:37 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
    2008-02-10 15:11 . 2008-02-10 15:11 0 --a------ C:\WINDOWS\khooker.INI
    2008-02-10 13:21 . 2008-02-10 20:57 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-02-09 17:27 . 2008-02-11 18:46 <REP> d-------- C:\WINDOWS\ShellNew
    2008-02-09 13:15 . 2008-02-18 21:49 268 --ah----- C:\sqmdata05.sqm
    2008-02-09 13:15 . 2008-02-18 21:49 244 --ah----- C:\sqmnoopt05.sqm
    2008-02-09 13:15 . 2008-02-09 13:15 208 --ah----- C:\sqmdata07.sqm
    2008-02-09 13:15 . 2008-02-09 13:15 172 --ah----- C:\sqmnoopt08.sqm
    2008-02-09 13:15 . 2008-02-09 13:15 172 --ah----- C:\sqmnoopt07.sqm
    2008-02-09 13:15 . 2008-02-09 13:15 172 --ah----- C:\sqmdata08.sqm
    2008-02-09 13:15 . 2008-02-09 13:15 148 --ah----- C:\sqmdata06.sqm
    2008-02-09 13:15 . 2008-02-09 13:15 136 --ah----- C:\sqmnoopt06.sqm
    2008-02-08 19:05 . 2008-02-08 19:05 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Yahoo!
    2008-02-08 19:04 . 2008-02-08 19:04 <REP> d-------- C:\Program Files\DivX
    2008-02-08 09:17 . 2008-02-18 20:55 268 --ah----- C:\sqmdata04.sqm
    2008-02-08 09:17 . 2008-02-18 20:55 244 --ah----- C:\sqmnoopt04.sqm
    2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmnoopt03.sqm
    2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmdata03.sqm
    2008-02-06 12:37 . 2008-02-18 19:44 268 --ah----- C:\sqmdata02.sqm
    2008-02-06 12:37 . 2008-02-18 19:44 244 --ah----- C:\sqmnoopt02.sqm
    2008-02-04 22:15 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-02-04 22:15 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-02-04 22:15 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-02-04 14:53 . 2008-02-04 14:53 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Template
    2008-02-03 14:45 . 2008-02-03 14:45 <REP> d-------- C:\WINDOWS\Sun
    2008-02-03 14:43 . 2008-02-18 18:58 <REP> d-------- C:\Program Files\Google
    2008-02-03 14:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-02-03 14:41 . 2008-02-03 14:42 <REP> d-------- C:\Program Files\Java
    2008-02-03 14:40 . 2008-02-03 14:40 <REP> d-------- C:\Program Files\Fichiers communs\Java
    2008-02-03 13:52 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
    2008-02-03 13:52 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
    2008-02-03 13:52 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
    2008-02-03 13:52 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
    2008-02-03 13:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2008-02-03 13:52 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-18 14:01 913,408 ----a-w C:\WINDOWS\system32\xreglib.dll
    2008-02-17 14:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
    2008-02-11 19:51 --------- d-----w C:\Program Files\Apple Software Update
    2008-02-11 18:45 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-02-10 12:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-02-04 13:40 --------- d-----w C:\Program Files\Microsoft Works
    2008-02-02 14:22 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-02-02 13:59 --------- d-----w C:\Program Files\SiSVGA
    2008-02-01 17:36 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2008-02-01 14:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-02-01 13:52 --------- d-----w C:\Program Files\uTorrent
    2008-01-10 19:32 --------- d-----w C:\Program Files\Macrogaming
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2003-07-22 16:44 1,388,544 --sh--r C:\WINDOWS\system32\msvbvm60.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{23C10E04-21BC-4E0E-C391-F71E77A9B5CD}]
    C:\Program Files\Windows Media Player\qujaxiji.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D81BA243-8839-496E-A3E0-C17266E0AFE5}]
    2008-02-08 02:07 217088 --a------ C:\Program Files\MSN\giquxaba89104.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Tok-Cirrhatus"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-22 17:32 13312]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-18 12:06 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360]
    "SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 17:15 106496]
    "SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [2003-06-26 11:35 303104]
    "SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [2003-05-29 03:23 294912]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
    "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2006-08-04 16:22 376832]
    "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2006-06-20 14:35 49152]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-18 19:00 1836544]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-22 17:32 13312]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
    Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-02-18 12:06:49 125624]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vgbxyowe]
    vgbxyowe.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll


    *Newly Created Service* - ALG
    *Newly Created Service* - IPNAT
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-02-18 18:48:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-02-15 14:00:27 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-18 21:56:26
    Windows 5.1.2600 Service Pack 1 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-18 21:59:19
    ComboFix-quarantined-files.txt 2008-02-18 20:59:10

18 February 2008 22:03:57

and here is the hijackthis report

    Logfile of HijackThis v1.99.1
    Scan saved at 22:01:16, on 18/02/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\WINDOWS\System32\sistray.EXE
    C:\WINDOWS\System32\khooker.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\cindy\Bureau\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: 0 - {23C10E04-21BC-4E0E-C391-F71E77A9B5CD} - C:\Program Files\Windows Media Player\qujaxiji.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: (no name) - {D81BA243-8839-496E-A3E0-C17266E0AFE5} - C:\Program Files\MSN\giquxaba89104.dll
    O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
    O15 - Trusted Zone: *.amaena.com
    O15 - Trusted Zone: *.avsystemcare.com
    O15 - Trusted Zone: *.gomyhit.com
    O15 - Trusted Zone: *.imageservr.com
    O15 - Trusted Zone: *.imagesrvr.com
    O15 - Trusted Zone: *.onerateld.com
    O15 - Trusted Zone: *.safetydownload.com
    O15 - Trusted Zone: *.storageguardsoft.com
    O15 - Trusted Zone: *.trustedantivirus.com
    O15 - Trusted Zone: *.virusschlacht.com
    O15 - Trusted Zone: *.amaena.com (HKLM)
    O15 - Trusted Zone: *.avsystemcare.com (HKLM)
    O15 - Trusted Zone: *.gomyhit.com (HKLM)
    O15 - Trusted Zone: *.imageservr.com (HKLM)
    O15 - Trusted Zone: *.imagesrvr.com (HKLM)
    O15 - Trusted Zone: *.onerateld.com (HKLM)
    O15 - Trusted Zone: *.safetydownload.com (HKLM)
    O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
    O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
    O15 - Trusted Zone: *.virusschlacht.com (HKLM)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {B164C1FC-1BEE-A33B-E3B6-67C8F421E94B} - http://performanceoptimizer.com/files/PerformanceOptimi...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: vgbxyowe - vgbxyowe.dll (file missing)
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Thanks!!!!
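
Added example, not part of the original thread: a small Python triage of the HijackThis report posted above, using lines copied from it. It flags entries by structure only (missing targets, unnamed IE extensions, Trusted Zone domains, Winlogon Notify DLLs, Run values that share one command line) and cross-checks "file missing" against the running-process list; the category names and the HKCU default for unsuffixed O15 lines are assumptions of this example.

```python
"""Structural triage of a HijackThis report: flags for review, no verdicts."""
import re
from collections import defaultdict

# Excerpt of the HijackThis v1.99.1 report posted above (lines copied from the thread).
SAMPLE_REPORT = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: 0 - {23C10E04-21BC-4E0E-C391-F71E77A9B5CD} - C:\Program Files\Windows Media Player\qujaxiji.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {D81BA243-8839-496E-A3E0-C17266E0AFE5} - C:\Program Files\MSN\giquxaba89104.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O20 - Winlogon Notify: vgbxyowe - vgbxyowe.dll (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
"""

ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+)$")
RUN_RE = re.compile(r"^HK\w+\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
ZONE_RE = re.compile(r"^Trusted Zone: (?P<domain>\S+)(?: \((?P<hive>HKLM)\))?$")
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"]*?\.(?:exe|dll)", re.IGNORECASE)
MISSING_MARKERS = ("(file missing)", "(no file)")


def running_processes(report):
    """Return the lower-cased paths listed under 'Running processes:'."""
    procs, in_section = set(), False
    for line in report.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_section = True
        elif in_section and not line:
            break  # the section ends at the first blank line
        elif in_section:
            procs.add(line.lower())
    return procs


def triage(report):
    """Group report entries into review categories (names are this example's own)."""
    running = running_processes(report)
    findings = defaultdict(list)
    run_targets = defaultdict(list)
    for line in report.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        code, body = m.group(1), m.group(2).strip()
        if body.endswith(MISSING_MARKERS):
            path = PATH_RE.search(body)
            if path and path.group(0).lower() in running:
                # Reported missing, yet the same binary is running: check on
                # disk before touching the entry (see the O23 line above).
                findings["missing_but_running"].append(path.group(0))
            else:
                findings["orphaned_reference"].append((code, body))
        if code in ("O2", "O3") and "(no name)" in body:
            findings["unnamed_ie_extension"].append(body)
        if code == "O15":
            z = ZONE_RE.match(body)
            if z:  # no suffix is taken to mean HKCU (assumption)
                findings["trusted_zone_domain"].append(
                    (z.group("domain"), z.group("hive") or "HKCU"))
        if code == "O20":
            findings["winlogon_notify"].append(body.split(": ", 1)[1].split(" - ")[0])
        if code == "O4":
            r = RUN_RE.match(body)
            if r:
                run_targets[r.group("cmd").lower()].append(r.group("name"))
    # Two differently named Run values launching one command line deserve a look.
    for names in run_targets.values():
        if len(names) > 1:
            findings["duplicate_run_target"].append(names)
    return dict(findings)


if __name__ == "__main__":
    for category, items in triage(SAMPLE_REPORT).items():
        print(category)
        for item in items:
            print("   ", item)
```
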
18 February 2008 22:28:47

Hello again,

Download DelDomains.inf (by Mike Burgess) to your Desktop.
**If you use FireFox: right-click the link and choose "Save Link As..."**
  • Right-click the file, then choose "Install" from the context menu.
  • The script installs quickly and no confirmation will be shown on screen; this is normal.

18 February 2008 22:32:13

there, it's done, it gives me this:

    ; DelDomains.inf © 11-28-04 | Revised 01-15-06
    ; Created by: Mike Burgess Microsoft MVP
    ; http://mvps.org/winhelp2002/
    ;
    ; Warning: Deletes all entries in the Restricted & Trusted Zone list
    ; http://mvps.org/winhelp2002/restricted.htm
    ;
    ; Revised to include the EscDomains key
    ;
    ; To execute this file: in Explorer - right-click (this file)
    ; Select Install from the Menu.
    ; Note: you will not see any onscreen action.

    [version]
    signature="$CHICAGO$"

    [DefaultInstall]
    DelReg=DelTemps
    AddReg=AddTemps

    [DelTemps]
    HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
    HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
    HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
    HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
    HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains"

    ; Recreate the keys to avoid a restart

    [AddTemps]
    HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
    HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
    HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
    HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
    HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains"

19 February 2008 12:58:31

**If you use FireFox: right-click the link and choose "Save Link As..."**
-> Did you actually do that?

19 February 2008 13:02:31

I don't use Firefox, so I clicked on it and saved it to my desktop... and when I opened it, it gave me this.

19 February 2008 13:05:13

**If you use FireFox: right-click the link and choose "Save Link As..."**
-> do it, even with Internet Explorer then

19 February 2008 13:39:37

There, I installed deldomains following the steps you gave me.

19 February 2008 16:49:27

Post a new Hijackthis report :)

20 February 2008 10:59:58

Hello, here is the new report ;)

    Logfile of HijackThis v1.99.1
    Scan saved at 10:58:47, on 20/02/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\WINDOWS\System32\sistray.EXE
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\khooker.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Documents and Settings\cindy\Bureau\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: (no name) - {D81BA243-8839-496E-A3E0-C17266E0AFE5} - C:\Program Files\MSN\giquxaba89104.dll
    O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {B164C1FC-1BEE-A33B-E3B6-67C8F421E94B} - http://performanceoptimizer.com/files/PerformanceOptimi...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: vgbxyowe - vgbxyowe.dll (file missing)
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)


    20 February 2008 13:16:34

    Run a Combofix scan again :)
    20 February 2008 19:13:08

    Here it is, after my Combofix scan:

    ComboFix 08-02-18.1 - cindy 2008-02-20 18:49:14.3 - NTFSx86
    Endroit: C:\Documents and Settings\cindy\Bureau\ComboFix.exe
    .
    The following files were disabled during the run:
    C:\WINDOWS\system32\sockspy.dll


    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-20 to 2008-02-20 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-19 10:28 . 2008-02-18 15:01 913,408 --a------ C:\WINDOWS\system32\xreglib.dll
    2008-02-18 22:31 . 2008-02-19 13:15 1,432 --a------ C:\DelDomains.inf
    2008-02-18 20:34 . 2008-02-20 18:54 81,984 --a------ C:\WINDOWS\system32\bdod.bin
    2008-02-18 14:41 . 2008-02-18 14:41 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Bitdefender
    2008-02-18 14:11 . 2008-02-18 15:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
    2008-02-18 14:10 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Softwin
    2008-02-18 14:09 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
    2008-02-18 14:05 . 2008-02-18 14:05 268 --ah----- C:\sqmdata19.sqm
    2008-02-18 14:05 . 2008-02-18 14:05 244 --ah----- C:\sqmnoopt19.sqm
    2008-02-18 13:58 . 2008-02-18 13:58 268 --ah----- C:\sqmdata18.sqm
    2008-02-18 13:58 . 2008-02-18 13:58 244 --ah----- C:\sqmnoopt18.sqm
    2008-02-18 13:42 . 2008-02-18 13:42 2,676 --a------ C:\WINDOWS\system32\tmp.reg
    2008-02-18 13:41 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-02-18 13:41 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-02-18 13:41 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-02-18 13:41 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-02-18 13:41 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-02-18 13:41 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmnoopt17.sqm
    2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmdata17.sqm
    2008-02-18 13:35 . 2008-02-18 13:35 268 --ah----- C:\sqmdata16.sqm
    2008-02-18 13:35 . 2008-02-18 13:35 244 --ah----- C:\sqmnoopt16.sqm
    2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmnoopt15.sqm
    2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmdata15.sqm
    2008-02-18 13:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-02-18 12:26 . 2008-02-20 18:16 304 --ah----- C:\sqmdata14.sqm
    2008-02-18 12:26 . 2008-02-20 18:16 244 --ah----- C:\sqmnoopt14.sqm
    2008-02-18 12:06 . 2008-02-20 11:22 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    2008-02-18 11:58 . 2008-02-20 16:38 268 --ah----- C:\sqmdata13.sqm
    2008-02-18 11:58 . 2008-02-20 16:38 244 --ah----- C:\sqmnoopt13.sqm
    2008-02-18 10:40 . 2008-02-20 16:09 172 --ah----- C:\sqmnoopt12.sqm
    2008-02-18 10:40 . 2008-02-20 16:10 172 --ah----- C:\sqmdata12.sqm
    2008-02-18 10:18 . 2008-02-20 15:56 268 --ah----- C:\sqmdata11.sqm
    2008-02-18 10:18 . 2008-02-20 15:56 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-17 20:25 . 2008-02-20 10:40 268 --ah----- C:\sqmdata10.sqm
    2008-02-17 20:25 . 2008-02-20 10:40 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-17 18:05 . 2008-02-19 19:08 268 --ah----- C:\sqmdata09.sqm
    2008-02-17 18:05 . 2008-02-19 19:08 244 --ah----- C:\sqmnoopt09.sqm
    2008-02-17 16:44 . 2008-02-17 16:44 <REP> d-------- C:\Program Files\Alwil Software
    2008-02-17 15:41 . 2008-02-17 15:39 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-02-17 15:41 . 2008-02-17 15:41 3,465 --a------ C:\WINDOWS\unins000.dat
    2008-02-17 15:34 . 2008-02-17 17:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2008-02-17 15:16 . 2008-02-20 18:07 <REP> d-------- C:\Documents and Settings\cindy\Contacts
    2008-02-17 14:47 . 2008-02-17 14:47 <REP> d-------- C:\Documents and Settings\cindy\Application Data\AntivirusOrdi
    2008-02-17 14:47 . 2008-02-17 14:47 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
    2008-02-17 14:46 . 2008-02-17 14:46 191,512 --a------ C:\Documents and Settings\cindy\Application Data\install_fr[1].exe
    2008-02-17 14:46 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
    2008-02-17 14:46 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
    2008-02-17 13:20 . 2008-02-17 13:20 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
    2008-02-16 13:08 . 2008-02-17 17:24 <REP> d-------- C:\WINDOWS\system32\yw3
    2008-02-16 13:08 . 2008-02-17 17:23 <REP> d-------- C:\WINDOWS\system32\rp1
    2008-02-16 13:08 . 2008-02-16 13:08 <REP> d-------- C:\WINDOWS\system32\mq9
    2008-02-11 20:55 . 2008-02-11 20:55 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Apple Computer
    2008-02-11 20:54 . 2008-02-11 20:55 <REP> d-------- C:\Program Files\iTunes
    2008-02-11 20:54 . 2008-02-11 20:54 <REP> d-------- C:\Program Files\iPod
    2008-02-11 20:52 . 2008-02-11 20:53 <REP> d-------- C:\Program Files\QuickTime
    2008-02-11 20:52 . 2008-02-11 20:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
    2008-02-11 20:51 . 2008-02-11 20:51 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
    2008-02-10 17:17 . 2008-02-10 17:18 <REP> d-------- C:\Documents and Settings\cindy\Application Data\MSN6
    2008-02-10 17:17 . 2008-02-10 17:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    2008-02-10 16:37 . 2008-02-10 16:37 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
    2008-02-10 15:11 . 2008-02-10 15:11 0 --a------ C:\WINDOWS\khooker.INI
    2008-02-10 13:21 . 2008-02-10 20:57 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-02-09 17:27 . 2008-02-11 18:46 <REP> d-------- C:\WINDOWS\ShellNew
    2008-02-09 13:15 . 2008-02-19 17:23 268 --ah----- C:\sqmdata08.sqm
    2008-02-09 13:15 . 2008-02-19 11:50 268 --ah----- C:\sqmdata07.sqm
    2008-02-09 13:15 . 2008-02-18 21:49 268 --ah----- C:\sqmdata05.sqm
    2008-02-09 13:15 . 2008-02-19 17:23 244 --ah----- C:\sqmnoopt08.sqm
    2008-02-09 13:15 . 2008-02-19 11:50 244 --ah----- C:\sqmnoopt07.sqm
    2008-02-09 13:15 . 2008-02-18 21:49 244 --ah----- C:\sqmnoopt05.sqm
    2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmnoopt06.sqm
    2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmdata06.sqm
    2008-02-08 19:05 . 2008-02-08 19:05 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Yahoo!
    2008-02-08 19:04 . 2008-02-08 19:04 <REP> d-------- C:\Program Files\DivX
    2008-02-08 09:17 . 2008-02-18 20:55 268 --ah----- C:\sqmdata04.sqm
    2008-02-08 09:17 . 2008-02-18 20:55 244 --ah----- C:\sqmnoopt04.sqm
    2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmnoopt03.sqm
    2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmdata03.sqm
    2008-02-06 12:37 . 2008-02-18 19:44 268 --ah----- C:\sqmdata02.sqm
    2008-02-06 12:37 . 2008-02-18 19:44 244 --ah----- C:\sqmnoopt02.sqm
    2008-02-04 22:15 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-02-04 22:15 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-02-04 22:15 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-02-04 14:53 . 2008-02-04 14:53 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Template
    2008-02-03 14:45 . 2008-02-03 14:45 <REP> d-------- C:\WINDOWS\Sun
    2008-02-03 14:43 . 2008-02-19 11:03 <REP> d-------- C:\Program Files\Google
    2008-02-03 14:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-02-03 14:41 . 2008-02-03 14:42 <REP> d-------- C:\Program Files\Java
    2008-02-03 14:40 . 2008-02-03 14:40 <REP> d-------- C:\Program Files\Fichiers communs\Java
    2008-02-03 13:52 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
    2008-02-03 13:52 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
    2008-02-03 13:52 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
    2008-02-03 13:52 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
    2008-02-03 13:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2008-02-03 13:52 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-18 14:01 71,040 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
    2008-02-17 14:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
    2008-02-11 19:51 --------- d-----w C:\Program Files\Apple Software Update
    2008-02-11 18:45 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-02-10 12:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-02-04 13:40 --------- d-----w C:\Program Files\Microsoft Works
    2008-02-02 14:22 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-02-02 13:59 --------- d-----w C:\Program Files\SiSVGA
    2008-02-01 17:36 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2008-02-01 14:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-02-01 13:52 --------- d-----w C:\Program Files\uTorrent
    2008-01-10 19:32 --------- d-----w C:\Program Files\Macrogaming
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2003-07-22 16:44 1,388,544 --sh--r C:\WINDOWS\system32\msvbvm60.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D81BA243-8839-496E-A3E0-C17266E0AFE5}]
    2008-02-08 02:07 217088 --a------ C:\Program Files\MSN\giquxaba89104.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Tok-Cirrhatus"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-22 17:32 13312]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-18 12:06 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360]
    "SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 17:15 106496]
    "SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [2003-06-26 11:35 303104]
    "SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [2003-05-29 03:23 294912]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
    "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-02-18 15:00 290816]
    "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2008-02-18 15:00 69632]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-18 19:00 1836544]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-22 17:32 13312]

    C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
    Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-02-18 12:06:49 125624]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vgbxyowe]
    vgbxyowe.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll

    R1 bdftdif;BitDefender Firewall TDI Filter;C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys [2008-02-18 14:59]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\System32\DRIVERS\bdfndisf.sys [2008-02-18 15:01]
    R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\System32\DRIVERS\sis163u.sys [2006-03-01 19:37]
    S3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51;C:\WINDOWS\System32\DRIVERS\sisnicxp.sys []
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 01:48]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 01:32]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-02-18 18:48:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-02-15 14:00:27 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-20 18:57:52
    Windows 5.1.2600 Service Pack 1 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-20 19:03:12
    ComboFix-quarantined-files.txt 2008-02-20 18:03:02
    ComboFix2.txt 2008-02-18 20:59:20

    Thanks again :)
    20 February 2008 19:31:36

    Hi again,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\Program Files\MSN\giquxaba89104.dll

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D81BA243-8839-496E-A3E0-C17266E0AFE5}]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vgbxyowe]


    Open Notepad, then paste (Ctrl+V) the text you copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1, then confirm. After the restart, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no restart, post the requested reports anyway.
    20 February 2008 21:50:48

    There, I did what you asked.

    Combofix report:

    ComboFix 08-02-18.1 - cindy 2008-02-20 21:31:25.5 - NTFSx86
    Endroit: C:\Documents and Settings\cindy\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\cindy\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    FILE ::
    C:\Program Files\MSN\giquxaba89104.dll
    .
    The following files were disabled during the run:
    C:\WINDOWS\system32\sockspy.dll


    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-20 to 2008-02-20 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-19 10:28 . 2008-02-18 15:01 913,408 --a------ C:\WINDOWS\system32\xreglib.dll
    2008-02-18 22:31 . 2008-02-19 13:15 1,432 --a------ C:\DelDomains.inf
    2008-02-18 20:34 . 2008-02-20 21:38 81,984 --a------ C:\WINDOWS\system32\bdod.bin
    2008-02-18 14:41 . 2008-02-18 14:41 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Bitdefender
    2008-02-18 14:11 . 2008-02-18 15:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
    2008-02-18 14:10 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Softwin
    2008-02-18 14:09 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
    2008-02-18 14:05 . 2008-02-18 14:05 268 --ah----- C:\sqmdata19.sqm
    2008-02-18 14:05 . 2008-02-20 21:20 244 --ah----- C:\sqmnoopt19.sqm
    2008-02-18 13:58 . 2008-02-20 21:20 268 --ah----- C:\sqmdata18.sqm
    2008-02-18 13:58 . 2008-02-20 21:19 244 --ah----- C:\sqmnoopt18.sqm
    2008-02-18 13:42 . 2008-02-18 13:42 2,676 --a------ C:\WINDOWS\system32\tmp.reg
    2008-02-18 13:41 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-02-18 13:41 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-02-18 13:41 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-02-18 13:41 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-02-18 13:41 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-02-18 13:41 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-02-18 13:39 . 2008-02-20 20:59 268 --ah----- C:\sqmdata17.sqm
    2008-02-18 13:39 . 2008-02-20 20:59 244 --ah----- C:\sqmnoopt17.sqm
    2008-02-18 13:35 . 2008-02-20 20:11 172 --ah----- C:\sqmnoopt16.sqm
    2008-02-18 13:35 . 2008-02-20 20:11 172 --ah----- C:\sqmdata16.sqm
    2008-02-18 13:29 . 2008-02-20 20:11 268 --ah----- C:\sqmdata15.sqm
    2008-02-18 13:29 . 2008-02-20 20:11 244 --ah----- C:\sqmnoopt15.sqm
    2008-02-18 13:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-02-18 12:26 . 2008-02-20 18:16 304 --ah----- C:\sqmdata14.sqm
    2008-02-18 12:26 . 2008-02-20 18:16 244 --ah----- C:\sqmnoopt14.sqm
    2008-02-18 12:06 . 2008-02-20 11:22 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    2008-02-18 11:58 . 2008-02-20 16:38 268 --ah----- C:\sqmdata13.sqm
    2008-02-18 11:58 . 2008-02-20 16:38 244 --ah----- C:\sqmnoopt13.sqm
    2008-02-18 10:40 . 2008-02-20 16:09 172 --ah----- C:\sqmnoopt12.sqm
    2008-02-18 10:40 . 2008-02-20 16:10 172 --ah----- C:\sqmdata12.sqm
    2008-02-18 10:18 . 2008-02-20 15:56 268 --ah----- C:\sqmdata11.sqm
    2008-02-18 10:18 . 2008-02-20 15:56 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-17 20:25 . 2008-02-20 10:40 268 --ah----- C:\sqmdata10.sqm
    2008-02-17 20:25 . 2008-02-20 10:40 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-17 18:05 . 2008-02-19 19:08 268 --ah----- C:\sqmdata09.sqm
    2008-02-17 18:05 . 2008-02-19 19:08 244 --ah----- C:\sqmnoopt09.sqm
    2008-02-17 16:44 . 2008-02-17 16:44 <REP> d-------- C:\Program Files\Alwil Software
    2008-02-17 15:41 . 2008-02-17 15:39 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-02-17 15:41 . 2008-02-17 15:41 3,465 --a------ C:\WINDOWS\unins000.dat
    2008-02-17 15:34 . 2008-02-17 17:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2008-02-17 15:16 . 2008-02-20 18:07 <REP> d-------- C:\Documents and Settings\cindy\Contacts
    2008-02-17 14:47 . 2008-02-17 14:47 <REP> d-------- C:\Documents and Settings\cindy\Application Data\AntivirusOrdi
    2008-02-17 14:47 . 2008-02-17 14:47 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
    2008-02-17 14:46 . 2008-02-17 14:46 191,512 --a------ C:\Documents and Settings\cindy\Application Data\install_fr[1].exe
    2008-02-17 14:46 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
    2008-02-17 14:46 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
    2008-02-17 13:20 . 2008-02-17 13:20 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
    2008-02-16 13:08 . 2008-02-17 17:24 <REP> d-------- C:\WINDOWS\system32\yw3
    2008-02-16 13:08 . 2008-02-17 17:23 <REP> d-------- C:\WINDOWS\system32\rp1
    2008-02-16 13:08 . 2008-02-16 13:08 <REP> d-------- C:\WINDOWS\system32\mq9
    2008-02-11 20:55 . 2008-02-11 20:55 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Apple Computer
    2008-02-11 20:54 . 2008-02-11 20:55 <REP> d-------- C:\Program Files\iTunes
    2008-02-11 20:54 . 2008-02-11 20:54 <REP> d-------- C:\Program Files\iPod
    2008-02-11 20:52 . 2008-02-11 20:53 <REP> d-------- C:\Program Files\QuickTime
    2008-02-11 20:52 . 2008-02-11 20:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
    2008-02-11 20:51 . 2008-02-11 20:51 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
    2008-02-10 17:17 . 2008-02-10 17:18 <REP> d-------- C:\Documents and Settings\cindy\Application Data\MSN6
    2008-02-10 17:17 . 2008-02-10 17:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    2008-02-10 16:37 . 2008-02-10 16:37 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
    2008-02-10 15:11 . 2008-02-10 15:11 0 --a------ C:\WINDOWS\khooker.INI
    2008-02-10 13:21 . 2008-02-10 20:57 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-02-09 17:27 . 2008-02-11 18:46 <REP> d-------- C:\WINDOWS\ShellNew
    2008-02-09 13:15 . 2008-02-19 17:23 268 --ah----- C:\sqmdata08.sqm
    2008-02-09 13:15 . 2008-02-19 11:50 268 --ah----- C:\sqmdata07.sqm
    2008-02-09 13:15 . 2008-02-18 21:49 268 --ah----- C:\sqmdata05.sqm
    2008-02-09 13:15 . 2008-02-19 17:23 244 --ah----- C:\sqmnoopt08.sqm
    2008-02-09 13:15 . 2008-02-19 11:50 244 --ah----- C:\sqmnoopt07.sqm
    2008-02-09 13:15 . 2008-02-18 21:49 244 --ah----- C:\sqmnoopt05.sqm
    2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmnoopt06.sqm
    2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmdata06.sqm
    2008-02-08 19:05 . 2008-02-08 19:05 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Yahoo!
    2008-02-08 19:04 . 2008-02-08 19:04 <REP> d-------- C:\Program Files\DivX
    2008-02-08 09:17 . 2008-02-18 20:55 268 --ah----- C:\sqmdata04.sqm
    2008-02-08 09:17 . 2008-02-18 20:55 244 --ah----- C:\sqmnoopt04.sqm
    2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmnoopt03.sqm
    2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmdata03.sqm
    2008-02-06 12:37 . 2008-02-18 19:44 268 --ah----- C:\sqmdata02.sqm
    2008-02-06 12:37 . 2008-02-18 19:44 244 --ah----- C:\sqmnoopt02.sqm
    2008-02-04 22:15 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-02-04 22:15 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-02-04 22:15 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-02-04 22:15 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-02-04 14:53 . 2008-02-04 14:53 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Template
    2008-02-03 14:45 . 2008-02-03 14:45 <REP> d-------- C:\WINDOWS\Sun
    2008-02-03 14:43 . 2008-02-19 11:03 <REP> d-------- C:\Program Files\Google
    2008-02-03 14:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-02-03 14:41 . 2008-02-03 14:42 <REP> d-------- C:\Program Files\Java
    2008-02-03 14:40 . 2008-02-03 14:40 <REP> d-------- C:\Program Files\Fichiers communs\Java
    2008-02-03 13:52 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
    2008-02-03 13:52 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
    2008-02-03 13:52 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
    2008-02-03 13:52 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
    2008-02-03 13:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2008-02-03 13:52 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-18 14:01 71,040 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
    2008-02-17 14:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
    2008-02-11 19:51 --------- d-----w C:\Program Files\Apple Software Update
    2008-02-11 18:45 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-02-10 12:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-02-04 13:40 --------- d-----w C:\Program Files\Microsoft Works
    2008-02-02 14:22 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-02-02 13:59 --------- d-----w C:\Program Files\SiSVGA
    2008-02-01 17:36 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2008-02-01 14:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-02-01 13:52 --------- d-----w C:\Program Files\uTorrent
    2008-01-10 19:32 --------- d-----w C:\Program Files\Macrogaming
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2003-07-22 16:44 1,388,544 --sh--r C:\WINDOWS\system32\msvbvm60.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Tok-Cirrhatus"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-22 17:32 13312]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-18 12:06 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360]
    "SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 17:15 106496]
    "SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [2003-06-26 11:35 303104]
    "SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [2003-05-29 03:23 294912]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
    "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-02-18 15:00 290816]
    "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2008-02-18 15:00 69632]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-18 19:00 1836544]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-22 17:32 13312]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
    Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-02-18 12:06:49 125624]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll


    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-02-18 18:48:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-02-15 14:00:27 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-20 21:39:28
    Windows 5.1.2600 Service Pack 1 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-20 21:44:14
    ComboFix-quarantined-files.txt 2008-02-20 20:44:05
    ComboFix2.txt 2008-02-20 19:27:26
    ComboFix3.txt 2008-02-20 18:03:14
    ComboFix4.txt 2008-02-18 20:59:20
    20 February 2008 21:52:05

    and here is the other report:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:47:44, on 20/02/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\WINDOWS\System32\sistray.EXE
    C:\WINDOWS\System32\khooker.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Documents and Settings\cindy\Bureau\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {B164C1FC-1BEE-A33B-E3B6-67C8F421E94B} - http://performanceoptimizer.com/files/PerformanceOptimi...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    my computer didn't restart, by the way... in any case, thanks again :)
    21 February 2008 12:31:02

    Is it better?
    21 February 2008 15:02:23

    Yes, much better: I no longer get the message at startup, I no longer get the many ads that kept coming up, and my computer runs faster.

    Is that OK?!
    19 February 2010 06:33:10

    josh_94 said:
    Please go ahead, Angeldark, take over. :)

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Bandoo\Bandoo.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\lg_fwupdate\fwupdate.exe
    C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\documents and settings\sipmlice\local settings\application data\hxjba.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Documents and Settings\sipmlice\Bureau\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://breedband.telenet.be
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://quicknews.info/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\KesenjanganSosial.exe"
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    O1 - Hosts: <html>
    O1 - Hosts: <head>
    O1 - Hosts: <title>Welcome to 20mbweb.com!</title>
    O1 - Hosts: <style type="text/css">
    O1 - Hosts: body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,input,textarea,p,blockquote,th,td,img,span {margin:0; padding:0;}
    O1 - Hosts: body
    O1 - Hosts: {
    O1 - Hosts: font-family:arial,helvetica,sans serif;
    O1 - Hosts: font-size:12px;
    O1 - Hosts: font-weight:normal;
    O1 - Hosts: }
    O1 - Hosts: .clear { clear:both;}
    O1 - Hosts: .buttonb {float: left;}
    O1 - Hosts: .footerlink1{font-size: 11px; color: #1637AA;}
    O1 - Hosts: .footerlink2{font-size: 11px; color: #000000;}
    O1 - Hosts: .blackbullet{margin-bottom: 3px; margin-left: 7px; margin-right: 7px;}
    O1 - Hosts: a.extralink{text-decoration: none; color: #000000;}
    O1 - Hosts: a.extralink:link{text-decoration: none; color: #000000;}
    O1 - Hosts: a.extralink:visited{text-decoration: none; color: #000000;}
    O1 - Hosts: a.extralink:hover{text-decoration: none; color: #000000;}
    O1 - Hosts: a.prodadvlink{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.prodadvlink:link{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.prodadvlink:visited{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.prodadvlink:hover{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.prodadvorlink{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.prodadvorlink:link{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.prodadvorlink:visited{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.prodadvorlink:hover{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
    O1 - Hosts: a.bluelink {color: #0000ff;}
    O1 - Hosts: a.bluelink:link {color: #0000ff;}
    O1 - Hosts: a.bluelink:visited {color: #0000ff;}
    O1 - Hosts: a.bluelink:hover {color: #0000ff;}
    O1 - Hosts: a.whitelink {color: #ffffff;}
    O1 - Hosts: a.whitelink:link {color: #ffffff;}
    O1 - Hosts: a.whitelink:visited {color: #ffffff;}
    O1 - Hosts: a.whitelink:hover {color: #ffffff;}
    O1 - Hosts: a.pricelink{text-decoration: none; color: #FF5500;}
    O1 - Hosts: a.pricelink:link{text-decoration: none; color: #FF5500;}
    O1 - Hosts: a.pricelink:visited{text-decoration: none; color: #FF5500;}
    O1 - Hosts: a.pricelink:hover{text-decoration: none; color: #FF5500;}
    O1 - Hosts: .celebbarimg {margin-right: 5px; border: 0px;}
    O1 - Hosts: .leftad { padding-top: 4px; text-align: center;overflow: hidden;}
    O1 - Hosts: .leftad1 { padding-top: 10px; text-align: center;overflow: hidden;}
    O1 - Hosts: </style>
    O1 - Hosts: <script language="javascript" type="text/javascript">
    O1 - Hosts: var agt=navigator.userAgent.toLowerCase();
    O1 - Hosts: var is_opera = (agt.indexOf("opera") != -1);
    O1 - Hosts: function ShowHelp(obj,field,hide)
    O1 - Hosts: {
    O1 - Hosts: //Get help object
    O1 - Hosts: var helpObj;
    O1 - Hosts: if (document.all){
    O1 - Hosts: helpObj = document.all[field+"_help"];}
    O1 - Hosts: else if (document.getElementById){
    O1 - Hosts: helpObj = document.getElementById(field+"_help");}
    O1 - Hosts: if (helpObj) {
    O1 - Hosts: //if help object is shown, hide it ; if object hidden, show it
    O1 - Hosts: if (hide){
    O1 - Hosts: helpObj.style.display = "none";}
    O1 - Hosts: else{
    O1 - Hosts: helpObj.style.display = "";} }
    O1 - Hosts: }
    O1 - Hosts: </script>
    O1 - Hosts: <script language="javascript" src="http://as.casalemedia.com/sd?s=95331&f=1"></script>
    O1 - Hosts: </head>
    O1 - Hosts: <body>
    O1 - Hosts: <div style="display:none;visibility:hidden;">
    O1 - Hosts: <a href="/st.aspx"><img src="http://images-pw.secureserver.net/images/061703/spc_tra..." style="border:none" height="1" width="1" alt="" /></a>
    O1 - Hosts: </div>
    O1 - Hosts: <div id="header">
    O1 - Hosts: <div><img src="http://images-pw.secureserver.net/images/gd/header.gif" border="0" usemap="#headerMap"/>
    O1 - Hosts: <map id="headerMap" name="headerMap">
    O1 - Hosts: <area shape="rect" coords="39,1,192,73" alt="GoDaddy.com" href="https://www.godaddy.com?isc=GPPGT03&ci=13109&domain=20m..."/>
    O1 - Hosts: <area shape="rect" coords="243,1, 421, 42" href="https://www.godaddy.com?isc=GPPGT03&ci=13110&domain=20m..." alt="This Web page is parked FREE, courtesy of GoDaddy.com"/>
    O1 - Hosts: <area shape="rect" coords="439,8,506,38" href="https://www.godaddy.com/gdshop/hotdeals/landing.asp?isc..." alt="SALE!"/>
    O1 - Hosts: </map>
    O1 - Hosts: </div>
    O1 - Hosts: <div id="todaysoffer">
    O1 - Hosts: <img style="position: relative; top: 1px;" src="http://images-pw.secureserver.net/images/gd/img_arrows_..." border="0" alt="GoDaddy.com"/>
    O1 - Hosts: <span style="font-weight: bold;position: relative; top: 1px;"><a class="bluelink" href="https://www.godaddy.com/gdshop/hotdeals/landing.asp?isc...">Today's offers at GoDaddy.com</a></span>
    O1 - Hosts: </div>
    O1 - Hosts: <div id="domainname">
    O1 - Hosts: <span style="font-size: 12px; color: #fff;">20mbweb.com</span>
    O1 - Hosts: </div>
    O1 - Hosts: <div id="topDomainSearch">
    O1 - Hosts: <form id="LookupForm" name="LookupForm" method="post" action="https://www.godaddy.com/gdshop/registrar/search.asp?isc...">
    O1 - Hosts: <input type="text" name="domaintocheck" maxlength="63" style="width:170px;" />
    O1 - Hosts: <select name="tld" style="height: 21px;">
    O1 - Hosts: <option value=".com">.com</option>
    O1 - Hosts: <option value=".net">.net</option>
    O1 - Hosts: <option value=".info">.info</option>
    O1 - Hosts: <option value=".org">.org</option>
    O1 - Hosts: <option value=".me">.me</option>
    O1 - Hosts: <option value=".mobi">.mobi</option>
    O1 - Hosts: <option value=".biz">.biz</option>
    O1 - Hosts: <option value=".us">.us</option>
    O1 - Hosts: <option value=".ca">.ca</option>
    O1 - Hosts: <option value=".asia">.asia</option>
    O1 - Hosts: <option value=".ws">.ws</option>
    O1 - Hosts: <option value=".tv">.tv</option>
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\RakyatKelaparan.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\sipmlice\LOCALS~1\Temp\herss.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [QUAD Windows service] C:\Program Files\QUAD Utilities\QUAD RegistryCleaner\QUAD RegistryCleaner.exe -h
    O4 - HKCU\..\Run: [settdebugx.exe] C:\DOCUME~1\sipmlice\LOCALS~1\Temp\settdebugx.exe
    O4 - HKCU\..\Run: [Malware Defense] "C:\Program Files\Malware Defense\mdefense.exe" -noscan
    O4 - HKCU\..\Run: [hxjba] "c:\documents and settings\sipmlice\local settings\application data\hxjba.exe" hxjba
    O4 - HKCU\..\Run: [Tok-Cirrhatus-2520] "C:\Documents and Settings\sipmlice\Local Settings\Application Data\br6063on.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O24 - Desktop Component 0: (no name) - http://images.hi5.com/images/1x1_trans.gif