Several problems (Virus, Download)

Tags:
  • Security
23 October 2008 20:24:10

Good evening,
I was recommended this site for computer problems.
For some time now my computer has been lagging, the internet especially.
Avast! detects two viruses, which it can neither repair nor quarantine.

Name of the first virus: sub=adw\unp200642543

The second:
C:\WINDOWS\SYSTEM32\ZFVHMM.DLL

On top of that, ads pop up every 2 minutes. :(

There you go,
Thanks in advance

23 October 2008 20:32:40

Hello,

No infected links, please.

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
23 October 2008 20:41:49

Sorry about the infected link, it was unintentional :S
Here is the report. Thanks, by the way
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:37:08, on 23/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\PERRON\Local Settings\Temporary Internet Files\Content.IE5\FSHLKXFS\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67C5CBB2-6E04-495B-838D-EF85E50B04E8} - C:\WINDOWS\system32\xxyxVPgH.dll
O2 - BHO: (no name) - {73C8A76A-56E7-466C-899B-F8DA095FC368} - C:\WINDOWS\system32\urqRJBQG.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {97DAD7C3-ECA2-4703-896F-ADB951DB5EE1} - C:\WINDOWS\system32\jkkIBRlj.dll (file missing)
O2 - BHO: {38217637-c22f-993a-05d4-d02b060e0ea9} - {9ae0e060-b20d-4d50-a399-f22c73671283} - C:\WINDOWS\system32\jsllsl.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [bait deaf idle setup] C:\Documents and Settings\All Users\Application Data\Htm Support Bait Deaf\Poll cake.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BM4b134963] Rundll32.exe "C:\WINDOWS\system32\uhgcuvrp.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [partwait] C:\DOCUME~1\PERRON\APPLIC~1\4FLAG~1\data vga curb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: jsllsl.dll
O20 - Winlogon Notify: xxyxVPgH - C:\WINDOWS\SYSTEM32\xxyxVPgH.dll
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SecurityConsole - Unknown owner - C:\WINDOWS\AppPatch\Patches32\svchost.exe (file missing)

--
End of file - 7956 bytes
23 October 2008 20:53:15

Re,

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe extension may not be visible) to launch it.
  • When the scan has finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and tutorial on using ComboFix
    * the partition name may vary
    24 October 2008 17:34:46

    Re, here is the report =)

    ComboFix 08-10-23.08 - PERRON 2008-10-24 17:07:01.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.203 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\PERRON\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .
    Error: Cfiles.dat

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .


    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-24 au 2008-10-24 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-22 11:41 . 2008-10-22 11:41 <REP> d-------- C:\Program Files\4 flag
    2008-10-19 10:56 . 2008-10-24 16:25 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-10-19 10:56 . 2008-10-19 10:56 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-10-11 17:09 . 2008-10-11 17:09 <REP> d-------- C:\Program Files\DK
    2008-10-11 12:29 . 2008-10-19 19:39 0 --a------ C:\WINDOWS\system32\mcrh.tmp
    2008-10-05 12:24 . 2008-10-05 12:24 <REP> d-------- C:\Language
    2008-10-05 12:24 . 2001-03-19 15:25 722,192 --a------ C:\WINDOWS\system32\VB40032.DLL
    2008-10-05 12:24 . 2001-03-19 15:25 203,576 --a------ C:\WINDOWS\system32\RICHTX32.OCX
    2008-10-05 12:24 . 2001-03-19 15:25 200,704 --a------ C:\WINDOWS\system32\THREED32.OCX
    2008-10-05 12:24 . 2003-01-27 20:48 174,592 --a------ C:\WINDOWS\setup132.exe
    2008-10-05 12:24 . 2001-03-19 15:25 61,952 --a------ C:\WINDOWS\ST4UNST.EXE
    2008-10-05 12:24 . 2001-03-19 15:25 35,136 --a------ C:\WINDOWS\system32\VB4FR32.DLL
    2008-10-05 12:24 . 2008-10-05 12:24 8,192 --a------ C:\WINDOWS\system32\dmfafr52.ocy
    2008-10-05 12:23 . 2008-10-05 13:03 4,096 --a------ C:\WINDOWS\system32\dmfafr52.dly
    2008-10-04 11:22 . 2008-10-04 11:24 <REP> d-------- C:\Program Files\QuickTime
    2008-10-02 21:17 . 2008-10-22 20:04 22 --a------ C:\WINDOWS\pskt.ini

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-22 09:46 --------- d-----w C:\Documents and Settings\PERRON\Application Data\4 flag
    2008-10-22 09:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Htm Support Bait Deaf
    2008-10-11 15:07 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-10-10 16:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-05 15:53 --------- d-----w C:\Program Files\Java
    2008-10-05 15:52 --------- d-----w C:\Program Files\Steam
    2008-10-05 14:53 --------- d-----w C:\Program Files\eMule
    2008-10-05 14:52 --------- d-----w C:\Program Files\Dofus
    2008-09-20 08:02 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-09-20 08:02 --------- d-----w C:\Program Files\Circle Developement
    2008-09-01 17:10 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
    2008-09-01 17:10 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
    2008-09-01 17:10 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
    2008-09-01 17:08 --------- d-----w C:\Program Files\Infogrames
    2008-08-31 17:27 --------- d-----w C:\Program Files\Wanadoo
    2008-08-31 17:15 --------- d-----w C:\Program Files\SAGEM
    2008-08-27 10:28 --------- d-----w C:\Program Files\BWorks
    2008-08-27 09:41 --------- d-----w C:\Program Files\CyberLink
    2008-08-27 09:39 --------- d-----w C:\Program Files\Fichiers communs\Real
    2008-08-27 09:34 --------- d-----w C:\Documents and Settings\PERRON\Application Data\mIRC
    2008-08-27 09:33 --------- d-----w C:\Program Files\DivX
    2008-08-27 09:32 --------- d-----w C:\Program Files\Lavasoft
    2005-05-13 16:12 217,073 --sha-r C:\WINDOWS\meta4.exe
    2005-10-24 10:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
    2005-10-13 20:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
    2005-10-07 18:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
    2005-07-14 11:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
    2005-06-26 14:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
    2005-06-21 21:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
    2004-01-24 23:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
    2006-04-27 09:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
    2005-02-28 12:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 1204224]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
    "partwait"="C:\DOCUME~1\PERRON\APPLIC~1\4FLAG~1\data vga curb.exe" [2008-10-22 561152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" [X]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 397312]
    "MessagerStarter Wanadoo"="C:\PROGRA~1\MESSAG~1\StartMessager.exe" [2003-04-11 32768]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-10-04 282624]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 83608]
    "bait deaf idle setup"="C:\Documents and Settings\All Users\Application Data\Htm Support Bait Deaf\Poll cake.exe" [2008-10-24 6323200]
    "VTTimer"="VTTimer.exe" [2005-05-13 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [2005-05-13 C:\WINDOWS\system32\VTTrayp.exe]
    "SoundMan"="SOUNDMAN.EXE" [2004-02-26 C:\WINDOWS\SOUNDMAN.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
    "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [2007-07-09 650240]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=jsllsl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.MJPG"= pvmjpg21.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\Steam\\SteamApps\\asmfcl\\counter-strike source\\hl2.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\COKTEL\\ADI5\\TTS\\SpeechCube.exe"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 69632]
    S2 SecurityConsole;SecurityConsole;C:\WINDOWS\AppPatch\Patches32\svchost.exe [ ]
    S3 Camdrv30;Philips ToUcam XS;C:\WINDOWS\system32\Drivers\camdrv30.sys [2001-08-17 171264]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserRemove
    .
    Contenu du dossier 'Tâches planifiées'

    2008-10-24 C:\WINDOWS\Tasks\AE1DA1CC918E52A0.job
    - c:\docume~1\perron\applic~1\4flag~1\eggsblahbias.exe [2008-10-22 11:46]

    2008-10-24 C:\WINDOWS\Tasks\MP Scheduled Scan.job
    - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{67C5CBB2-6E04-495B-838D-EF85E50B04E8} - C:\WINDOWS\system32\xxyxVPgH.dll
    BHO-{97DAD7C3-ECA2-4703-896F-ADB951DB5EE1} - C:\WINDOWS\system32\jkkIBRlj.dll
    BHO-{9ae0e060-b20d-4d50-a399-f22c73671283} - C:\WINDOWS\system32\jsllsl.dll
    BHO-{D6A32044-229E-4B79-8D73-6B0787E63952} - C:\WINDOWS\system32\urqRJBQG.dll
    HKCU-Run-OM_Monitor - C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
    HKCU-Run-WOOKIT - C:\PROGRA~1\Wanadoo\Shell.exe
    HKLM-Run-BM4b134963 - C:\WINDOWS\system32\uhgcuvrp.dll
    HKLM-Run-Cmaudio - cmicnfg.cpl
    ShellExecuteHooks-{67C5CBB2-6E04-495B-838D-EF85E50B04E8} - C:\WINDOWS\system32\xxyxVPgH.dll
    Notify-xxyxVPgH - xxyxVPgH.dll


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\PERRON\Application Data\Mozilla\Firefox\Profiles\zyfer3e8.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://de.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-24 17:13:26
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...


    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-10-24 17:21:10 - La machine a redémarré [PERRON]
    ComboFix-quarantined-files.txt 2008-10-24 15:20:00
    ComboFix2.txt 2008-01-17 19:42:25

    Avant-CF: 57,641,119,744 octets libres
    Après-CF: 57,963,253,760 octets libres

    243 --- E O F --- 2008-09-26 17:13:43
    24 October 2008 17:45:12

    Re,

    Download Lop S&D.exe (Eric_71) to your Desktop.

  • Start the installation of the program by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice and then confirming with the Enter key.
  • Now choose option 1 (Search). Wait until the search has finished.
  • Post the generated report (C:\lopR.txt*)
    24 October 2008 17:51:18

    RE,
    --------------------\\ Lop S&D 4.2.4-7 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3100+ )
    BIOS : Award Modular BIOS v6.00PG
    USER : PERRON ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1227 [VPS 081024-0] 4.8.1227 (Activated)
    C:\ (Local Disk) - NTFS - Total : 72 Go Free : 53 Go
    D:\ (Local Disk) - FAT32 - Total : 72 Go Free : 72 Go
    E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
    Option : [1] ( 24/10/2008|17:47 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [30/12/2005|10:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [30/12/2005|10:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [07/12/2005|07:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

    [30/12/2005|10:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [14/05/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [17/01/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [28/07/2006|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [29/07/2006|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eConsole
    [11/04/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [18/07/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [22/10/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    [21/07/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [18/03/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [21/07/2008|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/07/2007|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [18/01/2008|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
    [04/10/2006|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [09/02/2007|10:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SkillJam
    [17/01/2008|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [29/07/2006|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [11/06/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [29/07/2006|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [28/02/2008|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [08/06/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [30/12/2005|10:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [30/12/2005|10:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [07/12/2005|07:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [25/08/2008|11:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [31/07/2006|10:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [30/05/2007|15:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [22/10/2008|11:46] C:\DOCUME~1\PERRON\APPLIC~1\4 flag
    [22/07/2008|13:46] C:\DOCUME~1\PERRON\APPLIC~1\Adobe
    [30/07/2006|13:02] C:\DOCUME~1\PERRON\APPLIC~1\AdobeUM
    [22/01/2007|19:24] C:\DOCUME~1\PERRON\APPLIC~1\Apple Computer
    [27/12/2006|00:15] C:\DOCUME~1\PERRON\APPLIC~1\AVSMedia
    [30/07/2006|13:03] C:\DOCUME~1\PERRON\APPLIC~1\CyberLink
    [20/11/2007|20:09] C:\DOCUME~1\PERRON\APPLIC~1\dvdcss
    [01/08/2006|10:52] C:\DOCUME~1\PERRON\APPLIC~1\Google
    [04/03/2007|17:18] C:\DOCUME~1\PERRON\APPLIC~1\Help
    [08/06/2008|15:42] C:\DOCUME~1\PERRON\APPLIC~1\Identities
    [09/07/2007|15:50] C:\DOCUME~1\PERRON\APPLIC~1\InstallShield
    [07/08/2006|22:47] C:\DOCUME~1\PERRON\APPLIC~1\Kazaa Lite
    [21/07/2008|09:40] C:\DOCUME~1\PERRON\APPLIC~1\Lavasoft
    [28/07/2006|19:50] C:\DOCUME~1\PERRON\APPLIC~1\Macromedia
    [05/10/2008|17:52] C:\DOCUME~1\PERRON\APPLIC~1\Microsoft
    [04/10/2006|18:56] C:\DOCUME~1\PERRON\APPLIC~1\Microsoft Web Folders
    [27/08/2008|11:34] C:\DOCUME~1\PERRON\APPLIC~1\mIRC
    [04/10/2006|20:05] C:\DOCUME~1\PERRON\APPLIC~1\Mozilla
    [06/07/2007|10:36] C:\DOCUME~1\PERRON\APPLIC~1\MSN6
    [28/07/2006|19:37] C:\DOCUME~1\PERRON\APPLIC~1\MSNInstaller
    [22/01/2007|20:16] C:\DOCUME~1\PERRON\APPLIC~1\OLYMPUS
    [27/08/2008|11:39] C:\DOCUME~1\PERRON\APPLIC~1\Real
    [09/05/2007|17:07] C:\DOCUME~1\PERRON\APPLIC~1\Screenshot Sender
    [28/07/2006|19:56] C:\DOCUME~1\PERRON\APPLIC~1\Sun
    [28/07/2006|18:34] C:\DOCUME~1\PERRON\APPLIC~1\Symantec
    [25/11/2007|17:38] C:\DOCUME~1\PERRON\APPLIC~1\teamspeak2
    [01/08/2006|19:33] C:\DOCUME~1\PERRON\APPLIC~1\vlc
    [03/02/2008|20:06] C:\DOCUME~1\PERRON\APPLIC~1\WinRAR
    [28/07/2006|19:57] C:\DOCUME~1\PERRON\APPLIC~1\yoclient
    [08/06/2008|15:42] C:\DOCUME~1\PERRON\APPLIC~1\Zylom

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [24/10/2008 17:00][--ah-----] C:\WINDOWS\tasks\AE1DA1CC918E52A0.job
    [24/10/2008 17:15][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
    [24/10/2008 17:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( AE1DA1CC918E52A0.job )=( c:\docume~1\perron\applic~1\4flag~1\eggsblahbias.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [22/10/2008|11:41] C:\Program Files\4 flag
    [29/07/2006|11:40] C:\Program Files\Acer
    [30/12/2005|10:53] C:\Program Files\Adobe
    [01/08/2006|19:06] C:\Program Files\Alwil Software
    [24/07/2008|11:42] C:\Program Files\Antipub
    [27/12/2006|01:00] C:\Program Files\AviSynth 2.5
    [27/08/2008|12:28] C:\Program Files\BWorks
    [20/09/2008|10:02] C:\Program Files\Circle Developement
    [17/09/2006|19:24] C:\Program Files\ComPlus Applications
    [04/10/2006|19:10] C:\Program Files\Cryo
    [07/08/2007|19:06] C:\Program Files\Cyanide
    [27/08/2008|11:41] C:\Program Files\CyberLink
    [04/10/2006|19:55] C:\Program Files\directx
    [27/08/2008|11:33] C:\Program Files\DivX
    [11/10/2008|17:09] C:\Program Files\DK
    [05/10/2008|16:52] C:\Program Files\Dofus
    [26/09/2007|13:31] C:\Program Files\Dupuis
    [24/01/2007|13:02] C:\Program Files\EA Games
    [05/10/2008|16:53] C:\Program Files\eMule
    [24/10/2008|17:08] C:\Program Files\Fichiers communs
    [12/06/2007|19:51] C:\Program Files\Gamenext
    [11/04/2008|21:15] C:\Program Files\Google
    [18/07/2007|12:39] C:\Program Files\Grisoft
    [29/04/2007|20:31] C:\Program Files\Heart Of Darkness Mini-Jeu
    [09/07/2007|14:51] C:\Program Files\Hercules
    [01/09/2008|19:08] C:\Program Files\Infogrames
    [10/10/2008|18:55] C:\Program Files\InstallShield Installation Information
    [15/08/2008|01:01] C:\Program Files\Internet Explorer
    [22/04/2007|12:49] C:\Program Files\IZArc
    [05/10/2008|17:53] C:\Program Files\Java
    [27/08/2008|11:32] C:\Program Files\Lavasoft
    [19/07/2007|15:09] C:\Program Files\Messager Wanadoo
    [20/09/2008|10:02] C:\Program Files\Messenger Plus! Live
    [16/03/2007|19:33] C:\Program Files\MessengerPlus! 3
    [01/10/2007|10:51] C:\Program Files\Microsoft ActiveSync
    [30/09/2007|14:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [04/10/2006|18:59] C:\Program Files\microsoft frontpage
    [30/04/2007|13:27] C:\Program Files\Microsoft FrontPage Express
    [16/08/2006|20:33] C:\Program Files\Microsoft Games
    [25/12/2006|11:37] C:\Program Files\Microsoft Office
    [19/08/2008|18:59] C:\Program Files\Microsoft Silverlight
    [30/12/2005|10:54] C:\Program Files\Movie Maker
    [30/12/2005|10:54] C:\Program Files\MSN Gaming Zone
    [15/08/2007|22:29] C:\Program Files\MSXML 4.0
    [24/01/2007|22:17] C:\Program Files\NeoDivx Suite
    [30/12/2005|10:54] C:\Program Files\NetMeeting
    [28/07/2006|18:25] C:\Program Files\NewTech Infosystems
    [13/06/2007|21:10] C:\Program Files\Outlook Express
    [15/12/2006|23:37] C:\Program Files\Oxilog
    [16/07/2007|15:36] C:\Program Files\Project64 1.6
    [04/10/2008|11:24] C:\Program Files\QuickTime
    [29/07/2006|15:34] C:\Program Files\Real
    [25/01/2007|00:17] C:\Program Files\Ripp-it_AM
    [31/08/2008|19:15] C:\Program Files\SAGEM
    [15/01/2008|20:29] C:\Program Files\Samsung
    [09/07/2007|12:40] C:\Program Files\Securitoo
    [12/04/2007|16:59] C:\Program Files\Sega
    [29/02/2008|18:57] C:\Program Files\Services en ligne
    [15/08/2006|18:12] C:\Program Files\SigmaTel
    [04/10/2006|19:00] C:\Program Files\Snapshot Viewer
    [17/01/2008|22:40] C:\Program Files\Spybot - Search & Destroy
    [05/10/2008|17:52] C:\Program Files\Steam
    [12/06/2008|17:31] C:\Program Files\Teamspeak2_RC2
    [04/10/2006|19:31] C:\Program Files\The Adventure Company
    [04/10/2006|19:53] C:\Program Files\Ubi Soft
    [24/02/2008|16:17] C:\Program Files\Ubisoft
    [11/08/2007|11:48] C:\Program Files\Ultimate Stunts
    [07/12/2005|06:53] C:\Program Files\Uninstall Information
    [01/08/2006|19:23] C:\Program Files\VideoLAN
    [31/08/2008|19:27] C:\Program Files\Wanadoo
    [24/01/2007|22:17] C:\Program Files\WinASPI
    [19/07/2007|15:13] C:\Program Files\Windows Defender
    [02/04/2007|22:16] C:\Program Files\Windows Journal Viewer
    [28/02/2008|18:00] C:\Program Files\Windows Live
    [29/02/2008|16:16] C:\Program Files\Windows Media Components
    [08/12/2006|20:02] C:\Program Files\Windows Media Connect 2
    [19/07/2007|15:13] C:\Program Files\Windows Media Player
    [20/09/2006|21:33] C:\Program Files\Windows NT
    [26/03/2007|17:14] C:\Program Files\WindowsUpdate
    [04/02/2008|16:31] C:\Program Files\WinRAR
    [30/12/2005|10:54] C:\Program Files\xerox
    [15/01/2008|21:38] C:\Program Files\Yahoo!
    [03/07/2008|09:05] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [30/12/2005|10:53] C:\Program Files\Fichiers communs\Adobe
    [04/10/2006|20:05] C:\Program Files\Fichiers communs\AOL
    [28/07/2006|18:25] C:\Program Files\Fichiers communs\ArcSoft
    [11/04/2008|20:23] C:\Program Files\Fichiers communs\AVSMedia
    [04/10/2006|18:57] C:\Program Files\Fichiers communs\Designer
    [11/10/2008|17:07] C:\Program Files\Fichiers communs\InstallShield
    [07/12/2005|07:12] C:\Program Files\Fichiers communs\Java
    [28/02/2008|18:01] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/12/2005|10:53] C:\Program Files\Fichiers communs\MSSoap
    [07/12/2005|07:06] C:\Program Files\Fichiers communs\muvee Technologies
    [07/12/2005|07:06] C:\Program Files\Fichiers communs\NewTech Infosystems
    [17/09/2006|19:24] C:\Program Files\Fichiers communs\ODBC
    [27/08/2008|11:39] C:\Program Files\Fichiers communs\Real
    [30/12/2005|10:54] C:\Program Files\Fichiers communs\Services
    [30/12/2005|10:54] C:\Program Files\Fichiers communs\SpeechEngines
    [22/08/2008|18:01] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|21:10] C:\Program Files\Fichiers communs\System
    [28/02/2008|18:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 41 Processes )

    IEXPLORE.EXE ~ [PID:2240]
    IEXPLORE.EXE ~ [PID:2604]
    IEXPLORE.EXE ~ [PID:3300]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf\Poll cake.exe
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\data vga curb.exe
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\ebdktioi.exe
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\eggsblahbias.exe
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\LIES ONLINE MOVE STYLE.exe
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\srcfbxdh.exe
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\vencxvyd.exe
    C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\vewxnhnu.exe
    C:\Program Files\4flag~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\DOCUME~1\PERRON\Cookies\perron@advertising[1].txt
    C:\DOCUME~1\PERRON\Cookies\perron@adin.bigpoint[1].txt
    C:\DOCUME~1\PERRON\Cookies\perron@bigpoint[1].txt
    C:\DOCUME~1\PERRON\Cookies\perron@fr.seafight.bigpoint[2].txt
    C:\DOCUME~1\PERRON\Cookies\perron@banner.casinoking[2].txt
    C:\DOCUME~1\PERRON\Cookies\perron@casinoking[1].txt
    C:\DOCUME~1\PERRON\Cookies\perron@adopt.euroclick[2].txt
    C:\DOCUME~1\PERRON\Cookies\perron@fr.seafight.bigpoint[2].txt
    C:\WINDOWS\Tasks\AE1DA1CC918E52A0.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "partwait"="C:\\DOCUME~1\\PERRON\\APPLIC~1\\4FLAG~1\\data vga curb.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bait deaf idle setup"="C:\\Documents and Settings\\All Users\\Application Data\\Htm Support Bait Deaf\\Poll cake.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-24 17:48:08
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 252

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack
    C:\DOCUME~1\PERRON\Mes documents\Autres\Key Avs Video Converter v4.3.1.371 Incl Crack 100 % Info.txt
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk.rar
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\AVSVideoConverter4.exe
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\CaptureWizard.exe
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\licence.reg
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\RESURRECTiON.nfo


    [F:3][D:0]-> C:\DOCUME~1\PERRON\LOCALS~1\Temp
    [F:53][D:0]-> C:\DOCUME~1\PERRON\Cookies
    [F:325][D:4]-> C:\DOCUME~1\PERRON\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 24/10/2008|17:50 - Option : [1]

    --------------------\\ Fin du rapport a 17:50:23
    24 October 2008 17:53:04

    Hi again,

    Delete your cracks.

    Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
    Do not close the window during the deletion!
    A report will be generated; post its contents here.
    24 October 2008 18:01:44

    Hi again,

    --------------------\\ Lop S&D 4.2.4-7 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3100+ )
    BIOS : Award Modular BIOS v6.00PG
    USER : PERRON ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1227 [VPS 081024-0] 4.8.1227 (Activated)
    C:\ (Local Disk) - NTFS - Total : 72 Go Free : 53 Go
    D:\ (Local Disk) - FAT32 - Total : 72 Go Free : 72 Go
    E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
    Option : [2] ( 24/10/2008|17:58 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf\Poll cake.exe
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\data vga curb.exe
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\ebdktioi.exe
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\eggsblahbias.exe
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\LIES ONLINE MOVE STYLE.exe
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\srcfbxdh.exe
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\vencxvyd.exe
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1\vewxnhnu.exe
    Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprime! - C:\DOCUME~1\PERRON\Cookies\perron@advertising[1].txt
    Supprime! - C:\DOCUME~1\PERRON\Cookies\perron@adin.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\PERRON\Cookies\perron@bigpoint[1].txt
    Supprime! - C:\DOCUME~1\PERRON\Cookies\perron@fr.seafight.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\PERRON\Cookies\perron@banner.casinoking[2].txt
    Supprime! - C:\DOCUME~1\PERRON\Cookies\perron@casinoking[1].txt
    Supprime! - C:\DOCUME~1\PERRON\Cookies\perron@adopt.euroclick[2].txt
    Supprime! - C:\WINDOWS\Tasks\AE1DA1CC918E52A0.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    Supprime! - C:\DOCUME~1\PERRON\APPLIC~1\4flag~1
    Supprime! - C:\Program Files\4flag~1
    Supprime! - C:\Program Files\Circle Developement

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [30/12/2005|10:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [30/12/2005|10:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [07/12/2005|07:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

    [30/12/2005|10:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [14/05/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [17/01/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [28/07/2006|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [29/07/2006|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eConsole
    [11/04/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [18/07/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [21/07/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [18/03/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [21/07/2008|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/07/2007|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [18/01/2008|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
    [04/10/2006|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [09/02/2007|10:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SkillJam
    [17/01/2008|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [29/07/2006|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [11/06/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [29/07/2006|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [28/02/2008|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [08/06/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [30/12/2005|10:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [30/12/2005|10:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [07/12/2005|07:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [25/08/2008|11:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [31/07/2006|10:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [30/05/2007|15:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [22/07/2008|13:46] C:\DOCUME~1\PERRON\APPLIC~1\Adobe
    [30/07/2006|13:02] C:\DOCUME~1\PERRON\APPLIC~1\AdobeUM
    [22/01/2007|19:24] C:\DOCUME~1\PERRON\APPLIC~1\Apple Computer
    [27/12/2006|00:15] C:\DOCUME~1\PERRON\APPLIC~1\AVSMedia
    [30/07/2006|13:03] C:\DOCUME~1\PERRON\APPLIC~1\CyberLink
    [20/11/2007|20:09] C:\DOCUME~1\PERRON\APPLIC~1\dvdcss
    [01/08/2006|10:52] C:\DOCUME~1\PERRON\APPLIC~1\Google
    [04/03/2007|17:18] C:\DOCUME~1\PERRON\APPLIC~1\Help
    [08/06/2008|15:42] C:\DOCUME~1\PERRON\APPLIC~1\Identities
    [09/07/2007|15:50] C:\DOCUME~1\PERRON\APPLIC~1\InstallShield
    [07/08/2006|22:47] C:\DOCUME~1\PERRON\APPLIC~1\Kazaa Lite
    [21/07/2008|09:40] C:\DOCUME~1\PERRON\APPLIC~1\Lavasoft
    [28/07/2006|19:50] C:\DOCUME~1\PERRON\APPLIC~1\Macromedia
    [05/10/2008|17:52] C:\DOCUME~1\PERRON\APPLIC~1\Microsoft
    [04/10/2006|18:56] C:\DOCUME~1\PERRON\APPLIC~1\Microsoft Web Folders
    [27/08/2008|11:34] C:\DOCUME~1\PERRON\APPLIC~1\mIRC
    [04/10/2006|20:05] C:\DOCUME~1\PERRON\APPLIC~1\Mozilla
    [06/07/2007|10:36] C:\DOCUME~1\PERRON\APPLIC~1\MSN6
    [28/07/2006|19:37] C:\DOCUME~1\PERRON\APPLIC~1\MSNInstaller
    [22/01/2007|20:16] C:\DOCUME~1\PERRON\APPLIC~1\OLYMPUS
    [27/08/2008|11:39] C:\DOCUME~1\PERRON\APPLIC~1\Real
    [09/05/2007|17:07] C:\DOCUME~1\PERRON\APPLIC~1\Screenshot Sender
    [28/07/2006|19:56] C:\DOCUME~1\PERRON\APPLIC~1\Sun
    [28/07/2006|18:34] C:\DOCUME~1\PERRON\APPLIC~1\Symantec
    [25/11/2007|17:38] C:\DOCUME~1\PERRON\APPLIC~1\teamspeak2
    [01/08/2006|19:33] C:\DOCUME~1\PERRON\APPLIC~1\vlc
    [03/02/2008|20:06] C:\DOCUME~1\PERRON\APPLIC~1\WinRAR
    [28/07/2006|19:57] C:\DOCUME~1\PERRON\APPLIC~1\yoclient
    [08/06/2008|15:42] C:\DOCUME~1\PERRON\APPLIC~1\Zylom

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [24/10/2008 17:15][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
    [24/10/2008 17:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [29/07/2006|11:40] C:\Program Files\Acer
    [30/12/2005|10:53] C:\Program Files\Adobe
    [01/08/2006|19:06] C:\Program Files\Alwil Software
    [24/07/2008|11:42] C:\Program Files\Antipub
    [27/12/2006|01:00] C:\Program Files\AviSynth 2.5
    [27/08/2008|12:28] C:\Program Files\BWorks
    [17/09/2006|19:24] C:\Program Files\ComPlus Applications
    [04/10/2006|19:10] C:\Program Files\Cryo
    [07/08/2007|19:06] C:\Program Files\Cyanide
    [27/08/2008|11:41] C:\Program Files\CyberLink
    [04/10/2006|19:55] C:\Program Files\directx
    [27/08/2008|11:33] C:\Program Files\DivX
    [11/10/2008|17:09] C:\Program Files\DK
    [05/10/2008|16:52] C:\Program Files\Dofus
    [26/09/2007|13:31] C:\Program Files\Dupuis
    [24/01/2007|13:02] C:\Program Files\EA Games
    [05/10/2008|16:53] C:\Program Files\eMule
    [24/10/2008|17:08] C:\Program Files\Fichiers communs
    [12/06/2007|19:51] C:\Program Files\Gamenext
    [11/04/2008|21:15] C:\Program Files\Google
    [18/07/2007|12:39] C:\Program Files\Grisoft
    [29/04/2007|20:31] C:\Program Files\Heart Of Darkness Mini-Jeu
    [09/07/2007|14:51] C:\Program Files\Hercules
    [01/09/2008|19:08] C:\Program Files\Infogrames
    [10/10/2008|18:55] C:\Program Files\InstallShield Installation Information
    [15/08/2008|01:01] C:\Program Files\Internet Explorer
    [22/04/2007|12:49] C:\Program Files\IZArc
    [05/10/2008|17:53] C:\Program Files\Java
    [27/08/2008|11:32] C:\Program Files\Lavasoft
    [19/07/2007|15:09] C:\Program Files\Messager Wanadoo
    [20/09/2008|10:02] C:\Program Files\Messenger Plus! Live
    [16/03/2007|19:33] C:\Program Files\MessengerPlus! 3
    [01/10/2007|10:51] C:\Program Files\Microsoft ActiveSync
    [30/09/2007|14:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [04/10/2006|18:59] C:\Program Files\microsoft frontpage
    [30/04/2007|13:27] C:\Program Files\Microsoft FrontPage Express
    [16/08/2006|20:33] C:\Program Files\Microsoft Games
    [25/12/2006|11:37] C:\Program Files\Microsoft Office
    [19/08/2008|18:59] C:\Program Files\Microsoft Silverlight
    [30/12/2005|10:54] C:\Program Files\Movie Maker
    [30/12/2005|10:54] C:\Program Files\MSN Gaming Zone
    [15/08/2007|22:29] C:\Program Files\MSXML 4.0
    [24/01/2007|22:17] C:\Program Files\NeoDivx Suite
    [30/12/2005|10:54] C:\Program Files\NetMeeting
    [28/07/2006|18:25] C:\Program Files\NewTech Infosystems
    [13/06/2007|21:10] C:\Program Files\Outlook Express
    [15/12/2006|23:37] C:\Program Files\Oxilog
    [16/07/2007|15:36] C:\Program Files\Project64 1.6
    [04/10/2008|11:24] C:\Program Files\QuickTime
    [29/07/2006|15:34] C:\Program Files\Real
    [25/01/2007|00:17] C:\Program Files\Ripp-it_AM
    [31/08/2008|19:15] C:\Program Files\SAGEM
    [15/01/2008|20:29] C:\Program Files\Samsung
    [09/07/2007|12:40] C:\Program Files\Securitoo
    [12/04/2007|16:59] C:\Program Files\Sega
    [29/02/2008|18:57] C:\Program Files\Services en ligne
    [15/08/2006|18:12] C:\Program Files\SigmaTel
    [04/10/2006|19:00] C:\Program Files\Snapshot Viewer
    [17/01/2008|22:40] C:\Program Files\Spybot - Search & Destroy
    [05/10/2008|17:52] C:\Program Files\Steam
    [12/06/2008|17:31] C:\Program Files\Teamspeak2_RC2
    [04/10/2006|19:31] C:\Program Files\The Adventure Company
    [04/10/2006|19:53] C:\Program Files\Ubi Soft
    [24/02/2008|16:17] C:\Program Files\Ubisoft
    [11/08/2007|11:48] C:\Program Files\Ultimate Stunts
    [07/12/2005|06:53] C:\Program Files\Uninstall Information
    [01/08/2006|19:23] C:\Program Files\VideoLAN
    [31/08/2008|19:27] C:\Program Files\Wanadoo
    [24/01/2007|22:17] C:\Program Files\WinASPI
    [19/07/2007|15:13] C:\Program Files\Windows Defender
    [02/04/2007|22:16] C:\Program Files\Windows Journal Viewer
    [28/02/2008|18:00] C:\Program Files\Windows Live
    [29/02/2008|16:16] C:\Program Files\Windows Media Components
    [08/12/2006|20:02] C:\Program Files\Windows Media Connect 2
    [19/07/2007|15:13] C:\Program Files\Windows Media Player
    [20/09/2006|21:33] C:\Program Files\Windows NT
    [26/03/2007|17:14] C:\Program Files\WindowsUpdate
    [04/02/2008|16:31] C:\Program Files\WinRAR
    [30/12/2005|10:54] C:\Program Files\xerox
    [15/01/2008|21:38] C:\Program Files\Yahoo!
    [03/07/2008|09:05] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [30/12/2005|10:53] C:\Program Files\Fichiers communs\Adobe
    [04/10/2006|20:05] C:\Program Files\Fichiers communs\AOL
    [28/07/2006|18:25] C:\Program Files\Fichiers communs\ArcSoft
    [11/04/2008|20:23] C:\Program Files\Fichiers communs\AVSMedia
    [04/10/2006|18:57] C:\Program Files\Fichiers communs\Designer
    [11/10/2008|17:07] C:\Program Files\Fichiers communs\InstallShield
    [07/12/2005|07:12] C:\Program Files\Fichiers communs\Java
    [28/02/2008|18:01] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/12/2005|10:53] C:\Program Files\Fichiers communs\MSSoap
    [07/12/2005|07:06] C:\Program Files\Fichiers communs\muvee Technologies
    [07/12/2005|07:06] C:\Program Files\Fichiers communs\NewTech Infosystems
    [17/09/2006|19:24] C:\Program Files\Fichiers communs\ODBC
    [27/08/2008|11:39] C:\Program Files\Fichiers communs\Real
    [30/12/2005|10:54] C:\Program Files\Fichiers communs\Services
    [30/12/2005|10:54] C:\Program Files\Fichiers communs\SpeechEngines
    [22/08/2008|18:01] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|21:10] C:\Program Files\Fichiers communs\System
    [28/02/2008|18:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 38 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-24 17:59:33
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 252

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack
    C:\DOCUME~1\PERRON\Mes documents\Autres\Key Avs Video Converter v4.3.1.371 Incl Crack 100 % Info.txt
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk.rar
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\AVSVideoConverter4.exe
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\CaptureWizard.exe
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\licence.reg
    C:\DOCUME~1\PERRON\Mes documents\Autres\Crack\AVS.Video.Converter.v4.3.1.371-RES-crk\RESURRECTiON.nfo


    [F:3][D:0]-> C:\DOCUME~1\PERRON\LOCALS~1\Temp
    [F:47][D:0]-> C:\DOCUME~1\PERRON\Cookies
    [F:424][D:4]-> C:\DOCUME~1\PERRON\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 24/10/2008|17:50 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 24/10/2008|18:01 - Option : [2]

    --------------------\\ Fin du rapport a 18:01:29
    24 October 2008 18:05:36

    I will be away until 21:00. Many thanks already for the time you have given me ;D
    See you tonight, I hope.
    24 October 2008 18:07:36

    That works out well, I'm not around tonight either :D
    Post a new HijackThis report.
    24 October 2008 21:13:08

    Hi again :)
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:12:48, on 24/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\PROGRA~1\MESSAG~1\StartMessager.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WiFi Station.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - AppInit_DLLs: jsllsl.dll
    O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: SecurityConsole - Unknown owner - C:\WINDOWS\AppPatch\Patches32\svchost.exe (file missing)

    --
    End of file - 6381 bytes
    25 October 2008 18:32:52

    Hi again,
    Avira AntiVir Personal
    Report file date: samedi 25 octobre 2008 17:04

    Scanning for 1707161 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: PERRON
    Computer name: ACER-0912CA301A

    Version information:
    BUILD.DAT : 8.2.0.334 16933 Bytes 16/10/2008 14:55:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
    ANTIVIR2.VDF : 7.0.7.59 4366336 Bytes 19/10/2008 10:54:39
    ANTIVIR3.VDF : 7.0.7.89 186880 Bytes 24/10/2008 10:54:42
    Engineversion : 8.2.0.9
    AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
    AESCRIPT.DLL : 8.1.1.9 319867 Bytes 25/10/2008 10:54:57
    AESCN.DLL : 8.1.1.3 123252 Bytes 14/10/2008 10:05:56
    AERDL.DLL : 8.1.1.2 438644 Bytes 12/09/2008 06:06:02
    AEPACK.DLL : 8.1.2.4 369014 Bytes 14/10/2008 10:05:56
    AEOFFICE.DLL : 8.1.0.29 196988 Bytes 25/10/2008 10:54:55
    AEHEUR.DLL : 8.1.0.63 1479032 Bytes 25/10/2008 10:54:53
    AEHELP.DLL : 8.1.1.2 115062 Bytes 14/10/2008 10:05:56
    AEGEN.DLL : 8.1.0.42 319861 Bytes 25/10/2008 10:54:46
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
    AECORE.DLL : 8.1.2.8 172406 Bytes 25/10/2008 10:54:44
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
    AVREP.DLL : 8.0.0.2 98344 Bytes 25/10/2008 10:54:42
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

    Configuration settings for the scan:
    Jobname..........................: Local Hard Disks
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: samedi 25 octobre 2008 17:04

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'WiFiStation.exe' - '1' Module(s) have been scanned
    Scan process 'rapimgr.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'qttask.exe' - '1' Module(s) have been scanned
    Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'StartMessager.exe' - '1' Module(s) have been scanned
    Scan process 'Monitor.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'VTTrayp.exe' - '1' Module(s) have been scanned
    Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'ashServ.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    37 processes with 37 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '66' files ).


    Starting the file scan:

    Begin scan in 'C:\' <ACER>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Lop SD\Backup-Lop\DOCUME~1\PERRON\APPLIC~1\4FLAG~1\vewxnhnu.exe
    [DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
    [NOTE] The file was moved to '497a3a0b.qua'!
    Begin scan in 'D:\' <ACERDATA>


    End of the scan: samedi 25 octobre 2008 17:37
    Used time: 33:08 Minute(s)
    a b 8 Sécurité
    25 October 2008 18:36:06

    Post a new HijackThis report.
    25 October 2008 18:38:24

    Hello again,
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:38:09, on 25/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\PROGRA~1\MESSAG~1\StartMessager.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    c:\program files\avira\antivir personaledition classic\avcenter.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WiFi Station.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - AppInit_DLLs: jsllsl.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: SecurityConsole - Unknown owner - C:\WINDOWS\AppPatch\Patches32\svchost.exe (file missing)

    --
    End of file - 6486 bytes

    a b 8 Sécurité
    25 October 2008 19:08:01

    Hello again,

    Fix the line in the box below with HijackThis: HELP IN PICTURES

    O20 - AppInit_DLLs: jsllsl.dll
    26 October 2008 10:07:37

    That's done,
    I suppose a HijackThis report is needed, so here it is:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:07:27, on 26/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\PROGRA~1\MESSAG~1\StartMessager.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WiFi Station.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: SecurityConsole - Unknown owner - C:\WINDOWS\AppPatch\Patches32\svchost.exe (file missing)

    --
    End of file - 6320 bytes
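
Added example, not part of the original thread: a small Python parser that compares two HijackThis logs entry by entry, to confirm that a fixed line (here the O20 AppInit_DLLs entry) is gone and that nothing new appeared. The sample logs are constructed excerpts of the two reports above, and the function names are this example's own.

```python
import re

# Section code (R0, O4, O20, O23 ...) followed by " - " and the entry body.
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

# Constructed samples: a few entries copied from the two HijackThis logs posted
# in this thread (25/10/2008 18:38 and 26/10/2008 10:07), shortened for the example.
LOG_BEFORE = r"""
Running processes:
C:\WINDOWS\system32\notepad.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: jsllsl.dll
O23 - Service: SecurityConsole - Unknown owner - C:\WINDOWS\AppPatch\Patches32\svchost.exe (file missing)
"""

LOG_AFTER = r"""
Running processes:
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: SecurityConsole - Unknown owner - C:\WINDOWS\AppPatch\Patches32\svchost.exe (file missing)
"""


def parse_entries(log_text):
    """Return (code, body) for each entry line; header and process lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries


def diff_logs(before, after):
    """Entries present only in the first log (removed) and only in the second (added)."""
    b, a = parse_entries(before), parse_entries(after)
    removed = [e for e in b if e not in a]
    added = [e for e in a if e not in b]
    return removed, added


def missing_targets(log_text):
    """Entries that HijackThis itself marked '(file missing)': it could not find the referenced file."""
    return [e for e in parse_entries(log_text) if e[1].endswith("(file missing)")]


if __name__ == "__main__":
    removed, added = diff_logs(LOG_BEFORE, LOG_AFTER)
    for code, body in removed:
        print(f"removed: {code} - {body}")
    for code, body in added:
        print(f"added:   {code} - {body}")
    for code, body in missing_targets(LOG_AFTER):
        print(f"review:  {code} - {body}")
```

Running process lists differ between any two scans, so the comparison deliberately ignores them and looks only at the coded entries.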
    a b 8 Sécurité
    27 October 2008 12:33:22

    Still having problems?
    27 October 2008 12:40:29

    Angeldark said:
    Still having problems?


    AntiVir still detects a virus :S, but my web browsing is much better, so a big thank you to you, Angeldark!
    Otherwise, for the virus, I don't know if you have a solution; for now it doesn't seem to be disturbing my PC much.
    Thanks :love:
    a b 8 Sécurité
    27 October 2008 12:43:00

    Do you have the AntiVir report?
    27 October 2008 12:48:39

    I'll quickly run another one and post it.
    Question: when I scan with AntiVir, do I select only Local Hard Disks?

    The scan isn't finished, but in the last one it showed
    " Last virus or unwanted program found : "
    TR/Obfuscated.520192.25

    Number of detections : 1


    That's roughly it :s, I'm now waiting for the scan to finish and then I'll post the report.
    a b 8 Sécurité
    27 October 2008 13:25:08

    Quote:
    Question: when I scan with AntiVir, do I select only Local Hard Disks?

    Yes.

    Quote:
    That's roughly it :s, I'm now waiting for the scan to finish and then I'll post the report.

    Yep.