cockroach virus SOLVED!!

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
18 May 2008 20:10:24

Hello! I'm new here and I have a big problem: a virus featuring lots of little cockroaches that eat the screen! After trying a scan with avast, nothing changed. Then I heard that I needed hijack?!? So, here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:58:16, on 2008-05-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmona.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Creative\MediaSource5\MtdAcqu.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
c:\program files\mcafee\msc\mcuimgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row-rel&channel...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row-rel&channel...
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe
O4 - HKLM\..\Run: [advap32] C:\DOCUME~1\GUERET~1\LOCALS~1\Temp\stdcons.exe/r
O4 - HKLM\..\Run: [WinIFixer] C:\Program Files\WinIFixer\WinIFixer.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Key Generator\pmsngr.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O21 - SSODL: hirtellous - {fa19bd7e-50bc-4203-80ac-c4edc81ca9a3} - (no file)
O22 - SharedTaskScheduler: hirtellous - {fa19bd7e-50bc-4203-80ac-c4edc81ca9a3} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 12897 bytes
If anyone can help me, please!! Thanks!
PS: it should be noted that I'm really hopeless with computers, hehe!

18 May 2008 20:22:22

Good evening,

Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Yes.
  • When the operation is finished, a report will appear. Post this report in your next reply.

    The report is located here: %systemdrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

    Help: How to use ComboFix.

    18 May 2008 20:43:01

    OK, I downloaded combofix and it scanned and restarted my computer, but as for the report... I can't find it!? Sorry!
    18 May 2008 20:47:19

    ComboFix 08-05-15.3 - guerette robin 2008-05-18 14:29:15.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.486 [GMT -4:00]
    Running from: C:\Documents and Settings\guerette robin\Desktop\ComboFix.exe
    * Created a new restore point
    * Resident AV is active


    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\ Page d'accueil deDriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\DriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\Désinstaller de DriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\Mode d'emploi en ligne de DriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\Support en ligne de DriveCleaner.lnk
    C:\Documents and Settings\guerette robin\Application Data\DriveCleaner Free
    C:\Documents and Settings\guerette robin\Application Data\DriveCleaner Free\Logs\update.log
    C:\Documents and Settings\guerette robin\Application Data\macromedia\Flash Player\#SharedObjects\259QFVR4\www.broadcaster.com
    C:\Documents and Settings\guerette robin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
    C:\Documents and Settings\guerette robin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
    C:\Documents and Settings\guerette robin\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\guerette robin\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\guerette robin\Application Data\WinIFixer.com
    C:\Documents and Settings\guerette robin\Desktop\DriveCleaner Free.lnk
    C:\Documents and Settings\guerette robin\err.log
    C:\Documents and Settings\guerette robin\ResErrors.log
    C:\Program Files\AntiVirGear 3(2).8
    C:\Program Files\AntiVirGear 3(2).8\ignored.lst
    C:\Program Files\Common Files\drivecleaner free
    C:\Program Files\DriveCleaner Free
    C:\Program Files\DriveCleaner Free\Activate.dat
    C:\Program Files\DriveCleaner Free\Appbase\AE_CD_Cr.dat
    C:\Program Files\DriveCleaner Free\Appbase\AReadr4.dat
    C:\Program Files\DriveCleaner Free\Appbase\AReadr5.dat
    C:\Program Files\DriveCleaner Free\Appbase\ASDSEEpv.dat
    C:\Program Files\DriveCleaner Free\Appbase\ASPack.dat
    C:\Program Files\DriveCleaner Free\Appbase\Babylon.dat
    C:\Program Files\DriveCleaner Free\Appbase\BDelphi5.dat
    C:\Program Files\DriveCleaner Free\Appbase\CatchUp.dat
    C:\Program Files\DriveCleaner Free\Appbase\CBuildr5.dat
    C:\Program Files\DriveCleaner Free\Appbase\CCGA.dat
    C:\Program Files\DriveCleaner Free\Appbase\CManager.dat
    C:\Program Files\DriveCleaner Free\Appbase\CuteFTP4.dat
    C:\Program Files\DriveCleaner Free\Appbase\CuteHTML.dat
    C:\Program Files\DriveCleaner Free\Appbase\DAcceler.dat
    C:\Program Files\DriveCleaner Free\Appbase\DiscJug.dat
    C:\Program Files\DriveCleaner Free\Appbase\ECDCreat4.dat
    C:\Program Files\DriveCleaner Free\Appbase\Far.dat
    C:\Program Files\DriveCleaner Free\Appbase\FFTsks.dat
    C:\Program Files\DriveCleaner Free\Appbase\FlashFXP.dat
    C:\Program Files\DriveCleaner Free\Appbase\FrntPage.dat
    C:\Program Files\DriveCleaner Free\Appbase\FrontPEx.dat
    C:\Program Files\DriveCleaner Free\Appbase\FtpEXP.dat
    C:\Program Files\DriveCleaner Free\Appbase\FtpVoya.dat
    C:\Program Files\DriveCleaner Free\Appbase\GetRight.dat
    C:\Program Files\DriveCleaner Free\Appbase\GoZilla.dat
    C:\Program Files\DriveCleaner Free\Appbase\GravMRU.dat
    C:\Program Files\DriveCleaner Free\Appbase\H_TxtPad.dat
    C:\Program Files\DriveCleaner Free\Appbase\HomeSite.dat
    C:\Program Files\DriveCleaner Free\Appbase\HotDogPr.dat
    C:\Program Files\DriveCleaner Free\Appbase\IconExtr.dat
    C:\Program Files\DriveCleaner Free\Appbase\iMesh.dat
    C:\Program Files\DriveCleaner Free\Appbase\ImgReady3.dat
    C:\Program Files\DriveCleaner Free\Appbase\InsShExp.dat
    C:\Program Files\DriveCleaner Free\Appbase\JASC_P_P.dat
    C:\Program Files\DriveCleaner Free\Appbase\KaZaA.dat
    C:\Program Files\DriveCleaner Free\Appbase\LView.dat
    C:\Program Files\DriveCleaner Free\Appbase\MacDir.dat
    C:\Program Files\DriveCleaner Free\Appbase\MacDrWea.dat
    C:\Program Files\DriveCleaner Free\Appbase\MicAng.dat
    C:\Program Files\DriveCleaner Free\Appbase\MicDes.dat
    C:\Program Files\DriveCleaner Free\Appbase\MM_CON.dat
    C:\Program Files\DriveCleaner Free\Appbase\MMUnDisk.dat
    C:\Program Files\DriveCleaner Free\Appbase\Morpheus.dat
    C:\Program Files\DriveCleaner Free\Appbase\MPaint.dat
    C:\Program Files\DriveCleaner Free\Appbase\MPicPub.dat
    C:\Program Files\DriveCleaner Free\Appbase\MPImaGal.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSExplorer.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSoffice.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSRegEdit.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSWMP.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSWordPad.dat
    C:\Program Files\DriveCleaner Free\Appbase\Nero.dat
    C:\Program Files\DriveCleaner Free\Appbase\NetShow.dat
    C:\Program Files\DriveCleaner Free\Appbase\NTBackup.dat
    C:\Program Files\DriveCleaner Free\Appbase\pfilelst.xda
    C:\Program Files\DriveCleaner Free\Appbase\PhotShel.dat
    C:\Program Files\DriveCleaner Free\Appbase\PHPCoder.dat
    C:\Program Files\DriveCleaner Free\Appbase\PowerZIP.dat
    C:\Program Files\DriveCleaner Free\Appbase\RapidBr.dat
    C:\Program Files\DriveCleaner Free\Appbase\RealAuPl.dat
    C:\Program Files\DriveCleaner Free\Appbase\RealDown.dat
    C:\Program Files\DriveCleaner Free\Appbase\SecurCRT.dat
    C:\Program Files\DriveCleaner Free\Appbase\SL_BlWin.dat
    C:\Program Files\DriveCleaner Free\Appbase\SmartClr.dat
    C:\Program Files\DriveCleaner Free\Appbase\Sonique.dat
    C:\Program Files\DriveCleaner Free\Appbase\StuffIt.dat
    C:\Program Files\DriveCleaner Free\Appbase\TelepPro.dat
    C:\Program Files\DriveCleaner Free\Appbase\UGifAnim.dat
    C:\Program Files\DriveCleaner Free\Appbase\UltraEd.dat
    C:\Program Files\DriveCleaner Free\Appbase\UMedStud.dat
    C:\Program Files\DriveCleaner Free\Appbase\UPhImpV.dat
    C:\Program Files\DriveCleaner Free\Appbase\UPhotoEx.dat
    C:\Program Files\DriveCleaner Free\Appbase\UVidStud.dat
    C:\Program Files\DriveCleaner Free\Appbase\VNC.dat
    C:\Program Files\DriveCleaner Free\Appbase\WebFeret.dat
    C:\Program Files\DriveCleaner Free\Appbase\WebReap.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinACE.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinGate.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinRAR.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinZIP.dat
    C:\Program Files\DriveCleaner Free\Appbase\WiseInst.dat
    C:\Program Files\DriveCleaner Free\Appbase\wordslst.xda
    C:\Program Files\DriveCleaner Free\Appbase\YahooPl.dat
    C:\Program Files\DriveCleaner Free\Appbase\ZipMagic.dat
    C:\Program Files\DriveCleaner Free\atl71.dll
    C:\Program Files\DriveCleaner Free\AV.dat
    C:\Program Files\DriveCleaner Free\bnlink.dat
    C:\Program Files\DriveCleaner Free\diagnosis.dat
    C:\Program Files\DriveCleaner Free\err.log
    C:\Program Files\DriveCleaner Free\errors.log
    C:\Program Files\DriveCleaner Free\InstHelp.exe
    C:\Program Files\DriveCleaner Free\lapv.dat
    C:\Program Files\DriveCleaner Free\license.rtf
    C:\Program Files\DriveCleaner Free\manual.url
    C:\Program Files\DriveCleaner Free\mfc71.dll
    C:\Program Files\DriveCleaner Free\msvcp71.dll
    C:\Program Files\DriveCleaner Free\msvcr71.dll
    C:\Program Files\DriveCleaner Free\pv.dat
    C:\Program Files\DriveCleaner Free\readme.rtf
    C:\Program Files\DriveCleaner Free\remnag.dat
    C:\Program Files\DriveCleaner Free\ResErrors.log
    C:\Program Files\DriveCleaner Free\ScanReport.dat
    C:\Program Files\DriveCleaner Free\Schedule.dat
    C:\Program Files\DriveCleaner Free\sr.log
    C:\Program Files\DriveCleaner Free\support.url
    C:\Program Files\DriveCleaner Free\UDC.dmp
    C:\Program Files\DriveCleaner Free\UDC.xml
    C:\Program Files\DriveCleaner Free\UDC6V.url
    C:\Program Files\DriveCleaner Free\unins000.dat
    C:\Program Files\DriveCleaner Free\unins000.exe
    C:\Program Files\DriveCleaner Free\uninstall.ico
    C:\Program Files\DriveCleaner Free\up.dat
    C:\Program Files\DriveCleaner Free\UpdateData\upd2328042008.dat
    C:\Program Files\DriveCleaner Free\updater.dat
    C:\Program Files\DriveCleaner Free\vbpv.dat
    C:\Program Files\key generator
    C:\Program Files\key generator\Key Generator.url
    C:\Program Files\key generator\KeyGenerator.exe.manifest
    C:\Program Files\video activex object
    C:\WINDOWS\system32\ctfmona.exe
    C:\WINDOWS\system32\drivers\bjQ75.sys
    C:\WINDOWS\system32\UpMedia

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_bjQ75


    ((((((((((((((((((((((((( Files Created from 2008-04-18 to 2008-05-18 )))))))))))))))))))))))))))))))
    .

    2008-05-18 14:34 . 2008-05-18 14:34 29,056 --a------ C:\WINDOWS\system32\drivers\emT31.sys
    2008-05-18 14:34 . 2008-05-18 14:34 14,336 --a------ C:\WINDOWS\system32\WinCtrl32.dl_
    2008-05-18 13:57 . 2008-05-18 13:57 <DIR> d-------- C:\Program Files\Trend Micro
    2008-05-17 13:06 . 2008-05-17 13:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
    2008-05-17 12:50 . 2008-05-17 12:50 <DIR> d-------- C:\Documents and Settings\guerette robin\Application Data\AVGTOOLBAR
    2008-05-17 00:31 . 2008-05-17 00:31 <DIR> d-------- C:\Documents and Settings\guerette robin\Application Data\AXPDefender
    2008-05-17 00:23 . 2008-05-18 13:52 14,336 --a------ C:\WINDOWS\system32\WinCtrl32.dll
    2008-05-17 00:22 . 2008-05-18 13:51 269,334 --a------ C:\WINDOWS\system32\ctfmonb.bmp
    2008-05-17 00:22 . 2008-05-18 13:51 160,256 --a------ C:\WINDOWS\system32\blackster.scr
    2008-05-15 23:59 . 2008-05-15 23:59 118 --a------ C:\WINDOWS\system32\MRT.INI

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-17 18:24 --------- d-----w C:\Program Files\Common Files\DriveCleaner 2006 Free
    2008-05-11 01:16 --------- d-----w C:\Documents and Settings\guerette robin\Application Data\LimeWire
    2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-27 08:12 151,583 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
    2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
    2008-03-01 22:36 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
    2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
    2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2007-01-20 00:12 1,570 ----a-w C:\Program Files\INSTALL.LOG
    2007-01-21 05:25 88 --sh--r C:\WINDOWS\system32\96DFC4275B.sys
    2007-01-21 05:25 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 04:24 20480]
    "DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 23:57 395776]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
    "MtdAcqu"="C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" [2006-03-08 09:56 278528]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-15 01:20 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-14 01:44 98304]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-14 01:41 77824]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-14 01:45 118784]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 15:03 36975]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 11:28 667718]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 11:28 602182]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-25 01:30 282624 C:\WINDOWS\stsystra.exe]
    "Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-08-03 20:51 1032192]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 20:48 761947]
    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 03:05 127035]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 18:50 221184]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 18:50 81920]
    "VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 20:18 151552]
    "OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-12 00:02 53248]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-18 13:31 1836544]
    "PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2006-08-22 17:32 184320]
    "VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 14:49 163840]
    "P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [ ]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05 257088]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-05-01 03:10 185896]
    "ctfmona"="C:\WINDOWS\system32\ctfmona.exe" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 00:05:26 29696]
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-01-11 23:15:12 24576]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 17:05:56 65588]
    Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-05-04 00:07:32 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WinCtrl32]
    WinCtrl32.dll 2008-05-18 13:52 14336 C:\WINDOWS\system32\WinCtrl32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aiP42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bjQ31.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cjQ42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT31.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saH07.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ucI64.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\weL42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
    "C:\\Documents and Settings\\guerette robin\\Desktop\\LimeWire\\LimeWire.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Documents and Settings\\guerette robin\\My Documents\\LimeWire\\LimeWire.exe"=
    "C:\\StubInstaller.exe"=
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
    "C:\\Program Files\\uTorrent\\utorrent.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Documents and Settings\\guerette robin\\Desktop\\eMule\\emule.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-15 19:20]
    R1 sdcplh;sdcplh;C:\WINDOWS\system32\drivers\sdcplh.sys [2005-08-26 11:32]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-15 19:16]
    S0 aiP42;aiP42;C:\WINDOWS\system32\Drivers\aiP42.sys []
    S0 bjQ31;bjQ31;C:\WINDOWS\system32\Drivers\bjQ31.sys []
    S0 emT42;emT42;C:\WINDOWS\system32\Drivers\emT42.sys []
    S0 saH07;saH07;C:\WINDOWS\system32\Drivers\saH07.sys []
    S3 cjQ42;cjQ42;C:\WINDOWS\System32\drivers\cjQ42.sys []
    S3 emT31;emT31;C:\WINDOWS\System32\drivers\emT31.sys [2008-05-18 14:34]
    S3 ucI64;ucI64;C:\WINDOWS\System32\drivers\ucI64.sys []
    S3 weL42;weL42;C:\WINDOWS\System32\drivers\weL42.sys []

    .
    Contents of the 'Scheduled Tasks' folder
    "2007-10-14 15:28:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-05-18 17:59:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    There, I think I found it!
    18 May 2008 21:41:19

    Hi again,

    I'd like to check something else ...

    Download SmitfraudFix (by S!ri)

  • Save it to your Desktop.
  • Launch it by double-clicking SmitfraudFix.exe
  • Press a key as prompted.
  • Run option 1; a report will appear, post it.

    The report is located here: C:\rapport.txt
    19 May 2008 05:28:30

    Here is the SmitfraudFix report
    SmitFraudFix v2.320

    Rapport fait à 23:25:39.57, 2008-05-18
    Executé à partir de C:\Documents and Settings\guerette robin\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\NetWaiting\netWaiting.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Creative\MediaSource5\MtdAcqu.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\mcafee\msc\mcuimgr.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\guerette robin


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\guerette robin\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

    C:\DOCUME~1\GUERET~1\STARTM~1\Programs\Key Generator PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\GUERET~1\FAVORI~1


    »»»»»»»»»»»»»»»»»»»»»»»» Bureau


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"


    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!



    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Rustock



    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
    DNS Server Search Order: 142.217.192.8
    DNS Server Search Order: 142.217.192.9

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS2\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9


    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    19 May 2008 21:20:27

    Good evening

    XmichouX is away for a few days, so we are taking over his threads

    1

    ~Restart the computer in safe mode (F8 when the computer starts up)
    Help

    ~Double-click SmitfraudFix.cmd
    ~Select 2 in the menu and press Enter to delete the files responsible for the infection.
    ~Answer Yes (o) to all the questions.
    A restart may be necessary to complete the cleaning procedure.
    ~Post the new report.

    2
    Please add a new HijackThis log
    20 May 2008 07:40:44

    The new SmitfraudFix report...
    SmitFraudFix v2.320

    Scan done at 1:29:46.43, 2008-05-20
    Run from C:\Documents and Settings\guerette robin\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    127.0.0.1 localhost

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

    S!Ri's WS2Fix: LSP not Found.


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS2\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{D1282180-12E8-4481-B3EB-C64B0389E4B4}: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=142.217.192.8 142.217.192.9


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    20 May 2008 07:43:44

    And the new HijackThis log
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:43, on 2008-05-20
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\QuickTime\qttask.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Creative\MediaSource5\MtdAcqu.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\mcafee\msc\mcuimgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row-rel&channel...
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
    O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 11326 bytes
    And thank you for your help!!!!!!!
    20 May 2008 17:07:21

    Hi again

    You have two antivirus programs. Properly uninstall Avast!


    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM

    21 May 2008 05:53:10

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 770

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 87765
    Temps écoulé: 1 hour(s), 54 minute(s), 11 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 19
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 14
    Fichier(s) infecté(s): 14

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> Unloaded module successfully.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bjq86 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bjq86 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\bjq86 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bjq86 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\emt31 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\emt31 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\emt31 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\emt31 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ksy75 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ksy75 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ksy75 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ksy75 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tci53 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tci53 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tci53 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tci53 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\AXPDefender (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winctrl32 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\MalwareAlarm (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
    C:\Program Files\Common Files\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\BrowserObjects (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Packages (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuAllUsers (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuCurrentUser (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU\RunOnce (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
    C:\Documents and Settings\guerette robin\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM\RunOnce (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\QooBox\Quarantine\C\WINDOWS\system32\ctfmona.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\bjQ75.sys.vir (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP219\A0077263.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077275.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077277.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\bjQ86.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\emT31.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\ksY75.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\tcI53.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\MalwareAlarm\MalwareAlarm0.ma (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
    C:\Program Files\MalwareAlarm\MalwareAlarm1.ma (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> Delete on reboot.
    21 May 2008 17:48:54

    Hello

    Run ComboFix again now and post the new report
    21 May 2008 18:31:07

    ComboFix 08-05-15.3 - guerette robin 2008-05-21 12:02:12.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.448 [GMT -4:00]
    Running from: C:\Documents and Settings\guerette robin\Desktop\ComboFix.exe
    * Resident AV is active


    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\drivers\dkR18.sys
    C:\WINDOWS\system32\drivers\emT20.sys
    C:\WINDOWS\system32\drivers\fmS42.sys
    C:\WINDOWS\system32\drivers\hpW18.sys
    C:\WINDOWS\system32\drivers\jrY18.sys
    C:\WINDOWS\system32\drivers\ksA64.sys
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\ Page d'accueil deDriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\DriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\Désinstaller de DriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\Mode d'emploi en ligne de DriveCleaner.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Free\Support en ligne de DriveCleaner.lnk
    C:\Documents and Settings\guerette robin\Application Data\DriveCleaner Free
    C:\Documents and Settings\guerette robin\Application Data\DriveCleaner Free\Logs\update.log
    C:\Documents and Settings\guerette robin\Application Data\macromedia\Flash Player\#SharedObjects\259QFVR4\www.broadcaster.com
    C:\Documents and Settings\guerette robin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
    C:\Documents and Settings\guerette robin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
    C:\Documents and Settings\guerette robin\Application Data\WinAntiSpyware 2006
    C:\Documents and Settings\guerette robin\Application Data\WinAntiSpyware 2006\Logs\update.log
    C:\Documents and Settings\guerette robin\Application Data\WinIFixer.com
    C:\Documents and Settings\guerette robin\Desktop\DriveCleaner Free.lnk
    C:\Documents and Settings\guerette robin\err.log
    C:\Documents and Settings\guerette robin\ResErrors.log
    C:\Program Files\AntiVirGear 3(2).8
    C:\Program Files\AntiVirGear 3(2).8\ignored.lst
    C:\Program Files\Common Files\drivecleaner free
    C:\Program Files\DriveCleaner Free
    C:\Program Files\DriveCleaner Free\Activate.dat
    C:\Program Files\DriveCleaner Free\Appbase\AE_CD_Cr.dat
    C:\Program Files\DriveCleaner Free\Appbase\AReadr4.dat
    C:\Program Files\DriveCleaner Free\Appbase\AReadr5.dat
    C:\Program Files\DriveCleaner Free\Appbase\ASDSEEpv.dat
    C:\Program Files\DriveCleaner Free\Appbase\ASPack.dat
    C:\Program Files\DriveCleaner Free\Appbase\Babylon.dat
    C:\Program Files\DriveCleaner Free\Appbase\BDelphi5.dat
    C:\Program Files\DriveCleaner Free\Appbase\CatchUp.dat
    C:\Program Files\DriveCleaner Free\Appbase\CBuildr5.dat
    C:\Program Files\DriveCleaner Free\Appbase\CCGA.dat
    C:\Program Files\DriveCleaner Free\Appbase\CManager.dat
    C:\Program Files\DriveCleaner Free\Appbase\CuteFTP4.dat
    C:\Program Files\DriveCleaner Free\Appbase\CuteHTML.dat
    C:\Program Files\DriveCleaner Free\Appbase\DAcceler.dat
    C:\Program Files\DriveCleaner Free\Appbase\DiscJug.dat
    C:\Program Files\DriveCleaner Free\Appbase\ECDCreat4.dat
    C:\Program Files\DriveCleaner Free\Appbase\Far.dat
    C:\Program Files\DriveCleaner Free\Appbase\FFTsks.dat
    C:\Program Files\DriveCleaner Free\Appbase\FlashFXP.dat
    C:\Program Files\DriveCleaner Free\Appbase\FrntPage.dat
    C:\Program Files\DriveCleaner Free\Appbase\FrontPEx.dat
    C:\Program Files\DriveCleaner Free\Appbase\FtpEXP.dat
    C:\Program Files\DriveCleaner Free\Appbase\FtpVoya.dat
    C:\Program Files\DriveCleaner Free\Appbase\GetRight.dat
    C:\Program Files\DriveCleaner Free\Appbase\GoZilla.dat
    C:\Program Files\DriveCleaner Free\Appbase\GravMRU.dat
    C:\Program Files\DriveCleaner Free\Appbase\H_TxtPad.dat
    C:\Program Files\DriveCleaner Free\Appbase\HomeSite.dat
    C:\Program Files\DriveCleaner Free\Appbase\HotDogPr.dat
    C:\Program Files\DriveCleaner Free\Appbase\IconExtr.dat
    C:\Program Files\DriveCleaner Free\Appbase\iMesh.dat
    C:\Program Files\DriveCleaner Free\Appbase\ImgReady3.dat
    C:\Program Files\DriveCleaner Free\Appbase\InsShExp.dat
    C:\Program Files\DriveCleaner Free\Appbase\JASC_P_P.dat
    C:\Program Files\DriveCleaner Free\Appbase\KaZaA.dat
    C:\Program Files\DriveCleaner Free\Appbase\LView.dat
    C:\Program Files\DriveCleaner Free\Appbase\MacDir.dat
    C:\Program Files\DriveCleaner Free\Appbase\MacDrWea.dat
    C:\Program Files\DriveCleaner Free\Appbase\MicAng.dat
    C:\Program Files\DriveCleaner Free\Appbase\MicDes.dat
    C:\Program Files\DriveCleaner Free\Appbase\MM_CON.dat
    C:\Program Files\DriveCleaner Free\Appbase\MMUnDisk.dat
    C:\Program Files\DriveCleaner Free\Appbase\Morpheus.dat
    C:\Program Files\DriveCleaner Free\Appbase\MPaint.dat
    C:\Program Files\DriveCleaner Free\Appbase\MPicPub.dat
    C:\Program Files\DriveCleaner Free\Appbase\MPImaGal.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSExplorer.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSoffice.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSRegEdit.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSWMP.dat
    C:\Program Files\DriveCleaner Free\Appbase\MSWordPad.dat
    C:\Program Files\DriveCleaner Free\Appbase\Nero.dat
    C:\Program Files\DriveCleaner Free\Appbase\NetShow.dat
    C:\Program Files\DriveCleaner Free\Appbase\NTBackup.dat
    C:\Program Files\DriveCleaner Free\Appbase\pfilelst.xda
    C:\Program Files\DriveCleaner Free\Appbase\PhotShel.dat
    C:\Program Files\DriveCleaner Free\Appbase\PHPCoder.dat
    C:\Program Files\DriveCleaner Free\Appbase\PowerZIP.dat
    C:\Program Files\DriveCleaner Free\Appbase\RapidBr.dat
    C:\Program Files\DriveCleaner Free\Appbase\RealAuPl.dat
    C:\Program Files\DriveCleaner Free\Appbase\RealDown.dat
    C:\Program Files\DriveCleaner Free\Appbase\SecurCRT.dat
    C:\Program Files\DriveCleaner Free\Appbase\SL_BlWin.dat
    C:\Program Files\DriveCleaner Free\Appbase\SmartClr.dat
    C:\Program Files\DriveCleaner Free\Appbase\Sonique.dat
    C:\Program Files\DriveCleaner Free\Appbase\StuffIt.dat
    C:\Program Files\DriveCleaner Free\Appbase\TelepPro.dat
    C:\Program Files\DriveCleaner Free\Appbase\UGifAnim.dat
    C:\Program Files\DriveCleaner Free\Appbase\UltraEd.dat
    C:\Program Files\DriveCleaner Free\Appbase\UMedStud.dat
    C:\Program Files\DriveCleaner Free\Appbase\UPhImpV.dat
    C:\Program Files\DriveCleaner Free\Appbase\UPhotoEx.dat
    C:\Program Files\DriveCleaner Free\Appbase\UVidStud.dat
    C:\Program Files\DriveCleaner Free\Appbase\VNC.dat
    C:\Program Files\DriveCleaner Free\Appbase\WebFeret.dat
    C:\Program Files\DriveCleaner Free\Appbase\WebReap.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinACE.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinGate.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinRAR.dat
    C:\Program Files\DriveCleaner Free\Appbase\WinZIP.dat
    C:\Program Files\DriveCleaner Free\Appbase\WiseInst.dat
    C:\Program Files\DriveCleaner Free\Appbase\wordslst.xda
    C:\Program Files\DriveCleaner Free\Appbase\YahooPl.dat
    C:\Program Files\DriveCleaner Free\Appbase\ZipMagic.dat
    C:\Program Files\DriveCleaner Free\atl71.dll
    C:\Program Files\DriveCleaner Free\AV.dat
    C:\Program Files\DriveCleaner Free\bnlink.dat
    C:\Program Files\DriveCleaner Free\diagnosis.dat
    C:\Program Files\DriveCleaner Free\err.log
    C:\Program Files\DriveCleaner Free\errors.log
    C:\Program Files\DriveCleaner Free\InstHelp.exe
    C:\Program Files\DriveCleaner Free\lapv.dat
    C:\Program Files\DriveCleaner Free\license.rtf
    C:\Program Files\DriveCleaner Free\manual.url
    C:\Program Files\DriveCleaner Free\mfc71.dll
    C:\Program Files\DriveCleaner Free\msvcp71.dll
    C:\Program Files\DriveCleaner Free\msvcr71.dll
    C:\Program Files\DriveCleaner Free\pv.dat
    C:\Program Files\DriveCleaner Free\readme.rtf
    C:\Program Files\DriveCleaner Free\remnag.dat
    C:\Program Files\DriveCleaner Free\ResErrors.log
    C:\Program Files\DriveCleaner Free\ScanReport.dat
    C:\Program Files\DriveCleaner Free\Schedule.dat
    C:\Program Files\DriveCleaner Free\sr.log
    C:\Program Files\DriveCleaner Free\support.url
    C:\Program Files\DriveCleaner Free\UDC.dmp
    C:\Program Files\DriveCleaner Free\UDC.xml
    C:\Program Files\DriveCleaner Free\UDC6V.url
    C:\Program Files\DriveCleaner Free\unins000.dat
    C:\Program Files\DriveCleaner Free\unins000.exe
    C:\Program Files\DriveCleaner Free\uninstall.ico
    C:\Program Files\DriveCleaner Free\up.dat
    C:\Program Files\DriveCleaner Free\UpdateData\upd2328042008.dat
    C:\Program Files\DriveCleaner Free\updater.dat
    C:\Program Files\DriveCleaner Free\vbpv.dat
    C:\Program Files\key generator
    C:\Program Files\key generator\Key Generator.url
    C:\Program Files\key generator\KeyGenerator.exe.manifest
    C:\Program Files\video activex object
    C:\WINDOWS\system32\ctfmona.exe
    C:\WINDOWS\system32\drivers\bjQ75.sys
    C:\WINDOWS\system32\UpMedia

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_bjQ75
    -------\Service_dkR18
    -------\Service_emT20
    -------\Service_fmS42
    -------\Service_hpW18
    -------\Service_jrY18
    -------\Service_ksA64


    ((((((((((((((((((((((((( Files Created from 2008-04-21 to 2008-05-21 )))))))))))))))))))))))))))))))
    .

    2008-05-20 12:08 . 2008-05-20 12:08 <DIR> d-------- C:\Documents and Settings\guerette robin\Application Data\Malwarebytes
    2008-05-20 12:07 . 2008-05-20 12:08 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-20 12:07 . 2008-05-20 12:07 <DIR> d-------- C:\Program Files\Common Files\Download Manager
    2008-05-20 12:07 . 2008-05-20 12:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-05-20 12:07 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-05-20 12:07 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-05-18 23:25 . 2008-05-20 01:29 4,242 --a------ C:\WINDOWS\system32\tmp.reg
    2008-05-18 13:57 . 2008-05-18 13:57 <DIR> d-------- C:\Program Files\Trend Micro
    2008-05-17 13:06 . 2008-05-17 13:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
    2008-05-17 12:50 . 2008-05-17 12:50 <DIR> d-------- C:\Documents and Settings\guerette robin\Application Data\AVGTOOLBAR
    2008-05-15 23:59 . 2008-05-15 23:59 118 --a------ C:\WINDOWS\system32\MRT.INI

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-21 04:34 --------- d-----w C:\Documents and Settings\guerette robin\Application Data\LimeWire
    2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-27 08:12 151,583 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
    2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
    2008-03-01 22:36 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-01-20 00:12 1,570 ----a-w C:\Program Files\INSTALL.LOG
    2007-01-21 05:25 88 --sh--r C:\WINDOWS\system32\96DFC4275B.sys
    2007-01-21 05:25 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-05-18_14.39.09.46 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-05-18 18:33:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-05-21 16:05:46 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2004-08-04 11:00:00 708,096 ----a-w C:\WINDOWS\system32\dllcache\ntdll.dll
    + 2008-05-21 16:06:13 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_ab4.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 04:24 20480]
    "DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 23:57 395776]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
    "MtdAcqu"="C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" [2006-03-08 09:56 278528]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-15 01:20 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-14 01:44 98304]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-14 01:41 77824]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-14 01:45 118784]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 15:03 36975]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 11:28 667718]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 11:28 602182]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-25 01:30 282624 C:\WINDOWS\stsystra.exe]
    "Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-08-03 20:51 1032192]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 20:48 761947]
    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 03:05 127035]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 18:50 221184]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 18:50 81920]
    "VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 20:18 151552]
    "OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-12 00:02 53248]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-18 13:31 1836544]
    "PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2006-08-22 17:32 184320]
    "VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 14:49 163840]
    "P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [ ]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05 257088]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-05-01 03:10 185896]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 00:05:26 29696]
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-01-11 23:15:12 24576]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 17:05:56 65588]
    Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-05-04 00:07:32 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aiP42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bjQ31.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bjQ86.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cjQ42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT31.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksY75.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saH07.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tcI53.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ucI64.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\weL42.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
    "C:\\Documents and Settings\\guerette robin\\Desktop\\LimeWire\\LimeWire.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Documents and Settings\\guerette robin\\My Documents\\LimeWire\\LimeWire.exe"=
    "C:\\StubInstaller.exe"=
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
    "C:\\Program Files\\uTorrent\\utorrent.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Documents and Settings\\guerette robin\\Desktop\\eMule\\emule.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R1 sdcplh;sdcplh;C:\WINDOWS\system32\drivers\sdcplh.sys [2005-08-26 11:32]
    S0 aiP42;aiP42;C:\WINDOWS\system32\Drivers\aiP42.sys []
    S0 bjQ31;bjQ31;C:\WINDOWS\system32\Drivers\bjQ31.sys []
    S0 emT42;emT42;C:\WINDOWS\system32\Drivers\emT42.sys []
    S0 saH07;saH07;C:\WINDOWS\system32\Drivers\saH07.sys []
    S3 cjQ42;cjQ42;C:\WINDOWS\System32\drivers\cjQ42.sys []
    S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-05-05 20:46]
    S3 ucI64;ucI64;C:\WINDOWS\System32\drivers\ucI64.sys []
    S3 weL42;weL42;C:\WINDOWS\System32\drivers\weL42.sys []

    .
    Contents of the 'Scheduled Tasks' folder
    "2007-10-14 15:28:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-05-21 15:59:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    21 May 2008 22:25:05

    Hi again

    Go to this link: Virus Total
  • Click Browse
  • Navigate to this file, if you can find it:

    C:\WINDOWS\system32\96DFC4275B.sys

  • Click Send file and let it work for as long as "Current status: scanning" is displayed.
  • The file may be placed in a queue because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
  • When the scan is finished ("Current status: finished"), click Formatted
  • A new browser window will appear
  • Then click on this image:
  • Right-click on the page and choose Select all, then Copy
  • Finally, paste the result into your next reply.
    Note: whatever the result, it is important that you send me the result of the whole scan.
    Your security tools may react when the file is sent; in that case you will have to ignore the alerts.
    22 May 2008 05:45:14

    Hmm, well, here it is!
    Fichier 96DFC4275B.sys reçu le 2008.05.22 05:43:23 (CET)
    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.5.20.0 2008.05.21 -
    AntiVir 7.8.0.19 2008.05.21 -
    Authentium 5.1.0.4 2008.05.21 -
    Avast 4.8.1195.0 2008.05.21 -
    AVG 7.5.0.516 2008.05.21 -
    BitDefender 7.2 2008.05.22 -
    CAT-QuickHeal 9.50 2008.05.21 -
    ClamAV 0.92.1 2008.05.22 -
    DrWeb 4.44.0.09170 2008.05.21 -
    eSafe 7.0.15.0 2008.05.21 -
    eTrust-Vet 31.4.5808 2008.05.21 -
    Ewido 4.0 2008.05.21 -
    F-Prot 4.4.2.54 2008.05.16 -
    F-Secure 6.70.13260.0 2008.05.22 -
    Fortinet 3.14.0.0 2008.05.22 -
    GData 2.0.7306.1023 2008.05.22 -
    Ikarus T3.1.1.26.0 2008.05.22 -
    Kaspersky 7.0.0.125 2008.05.22 -
    McAfee 5300 2008.05.21 -
    Microsoft 1.3520 2008.05.22 -
    NOD32v2 3118 2008.05.21 -
    Norman 5.80.02 2008.05.21 -
    Panda 9.0.0.4 2008.05.22 -
    Prevx1 V2 2008.05.22 -
    Rising 20.45.30.00 2008.05.22 -
    Sophos 4.29.0 2008.05.22 -
    Sunbelt 3.0.1123.1 2008.05.17 -
    Symantec 10 2008.05.22 -
    TheHacker 6.2.92.315 2008.05.21 -
    VBA32 3.12.6.6 2008.05.21 -
    VirusBuster 4.3.26:9 2008.05.21 -
    Webwasher-Gateway 6.6.2 2008.05.21 -

    Information additionnelle
    File size: 88 bytes
    MD5...: 27227c1cc5bdde3e0f55c95c8ea56858
    SHA1..: 5d0fed5db2899a79c46549223ceb58a9354bd6d5
    SHA256: 5f10bd625f3ddddff6dbac148ba83caae751d0d4bef4c9418ff3f87830fdd677
    SHA512: 7bb831e3a3d362a07460e0fa82f89b420a1ed9c2691b346fb10ceaefbf55c33710c67cc73023c0e082c46026335bfc77601be1249651b92c0ac1de65a4f52545
    PEiD..: -
    PEInfo: -

    22 May 2008 12:25:00

    Hello

    Copy (Ctrl+C) the text below:
    Driver::
    aiP42
    bjQ31
    emT42
    saH07
    cjQ42
    ucI64
    weL42

    Registry::
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aiP42.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bjQ31.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bjQ86.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cjQ42.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT31.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT42.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksY75.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saH07.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tcI53.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ucI64.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\weL42.sys]



    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt

    Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot


  • A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
  • Wait while the scan runs. The desktop will disappear several times: this is normal!
    Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents.
  • If the file does not open, it is located here > C:\ComboFix.txt
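
The following Python is an added example (not part of the thread, and not how ComboFix itself works): it scans the report lines quoted earlier for service entries whose file info is empty (`[]`) and for `SafeBoot\Minimal` keys with the same throwaway name shape, then renders them in the `Driver::` / `Registry::` layout of the script above. The function names, the name pattern and the reading of `[]` as "no driver file found on disk" are assumptions; the sample lines are copied from the report in this thread.

```python
import re

# Constructed sample: lines copied from the ComboFix report quoted in this thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aiP42.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bjQ31.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bjQ86.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cjQ42.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT31.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\emT42.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksY75.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\saH07.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tcI53.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ucI64.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\weL42.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
R1 sdcplh;sdcplh;C:\WINDOWS\system32\drivers\sdcplh.sys [2005-08-26 11:32]
S0 aiP42;aiP42;C:\WINDOWS\system32\Drivers\aiP42.sys []
S0 bjQ31;bjQ31;C:\WINDOWS\system32\Drivers\bjQ31.sys []
S0 emT42;emT42;C:\WINDOWS\system32\Drivers\emT42.sys []
S0 saH07;saH07;C:\WINDOWS\system32\Drivers\saH07.sys []
S3 cjQ42;cjQ42;C:\WINDOWS\System32\drivers\cjQ42.sys []
S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-05-05 20:46]
S3 ucI64;ucI64;C:\WINDOWS\System32\drivers\ucI64.sys []
S3 weL42;weL42;C:\WINDOWS\System32\drivers\weL42.sys []
"""

# Assumption: the throwaway driver names on this page share one shape
# (two lowercase letters, one uppercase letter, two digits), e.g. "aiP42".
RANDOM_NAME = re.compile(r"[a-z]{2}[A-Z][0-9]{2}")

# "S0 name;display;path [file date or empty]" lines of the driver listing.
SERVICE_LINE = re.compile(r"^([RS][0-4])\s+([^;]+);([^;]*);(.+?)\s+\[(.*)\]$")

# Safe Mode keys: [HKEY_LOCAL_MACHINE\...\SafeBoot\Minimal\<name>.sys]
SAFEBOOT_KEY = re.compile(
    r"^\[(HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot"
    r"\\(?:Minimal|Network)\\([^\\\]]+)\.sys)\]$",
    re.IGNORECASE,
)


def orphaned_drivers(log):
    """Service names matching RANDOM_NAME whose file info is empty ([])."""
    names = []
    for line in log.splitlines():
        m = SERVICE_LINE.match(line.strip())
        # Assumption: an empty bracket means no file date could be read,
        # i.e. the service entry outlived its driver file.
        if m and not m.group(5).strip() and RANDOM_NAME.fullmatch(m.group(2)):
            names.append(m.group(2))
    return names


def safeboot_leftovers(log):
    """SafeBoot registry keys whose driver name matches RANDOM_NAME."""
    keys = []
    for line in log.splitlines():
        m = SAFEBOOT_KEY.match(line.strip())
        if m and RANDOM_NAME.fullmatch(m.group(2)):
            keys.append(m.group(1))
    return keys


def build_cfscript(log):
    """Render the findings in the Driver:: / Registry:: layout used in the thread."""
    lines = ["Driver::", *orphaned_drivers(log), "", "Registry::"]
    lines += ["[-" + key + "]" for key in safeboot_leftovers(log)]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(build_cfscript(SAMPLE_LOG))
```

On this sample the output lists the same seven drivers and eleven SafeBoot keys as the script posted above; entries with a file date (sdcplh, MBAMCatchMe) and unrelated registry keys are left out.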

    23 May 2008 05:52:42

    Well, I tried, but it doesn't work!?!
    23 May 2008 16:55:40

    Hello

    Did you follow the procedure exactly?

    The document really has to be named CFScript.txt, otherwise it doesn't work
    24 May 2008 05:44:55

    Well, I don't know if I did it right, because I wasn't given the choice you're talking about? Anyway, here's the report!
    ComboFix 08-05-15.3 - guerette robin 2008-05-23 23:33:47.5 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.484 [GMT -4:00]
    Running from: C:\Documents and Settings\guerette robin\Desktop\ComboFix.exe
    Command switches used :: C:\Documents and Settings\guerette robin\Desktop\CFScript.txt
    * Created a new restore point
    * Resident AV is active


    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Program Files\key generator\KeyGenerator.exe.manifest
    C:\Program Files\video activex object
    C:\WINDOWS\system32\ctfmona.exe
    C:\WINDOWS\system32\drivers\bjQ75.sys
    C:\WINDOWS\system32\drivers\dkR18.sys
    C:\WINDOWS\system32\drivers\emT20.sys
    C:\WINDOWS\system32\drivers\fmS42.sys
    C:\WINDOWS\system32\drivers\hpW18.sys
    C:\WINDOWS\system32\drivers\jrY18.sys
    C:\WINDOWS\system32\drivers\ksA64.sys
    C:\WINDOWS\system32\UpMedia

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_bjQ75
    -------\Service_dkR18
    -------\Service_emT20
    -------\Service_fmS42
    -------\Service_hpW18
    -------\Service_jrY18
    -------\Service_ksA64
    -------\Legacy_BJQ31
    -------\Legacy_EMT42
    -------\Service_aiP42
    -------\Service_bjQ31
    -------\Service_cjQ42
    -------\Service_emT42
    -------\Service_saH07
    -------\Service_ucI64
    -------\Service_weL42
    -------\Legacy_BJQ31
    -------\Legacy_EMT42


    ((((((((((((((((((((((((( Files Created from 2008-04-24 to 2008-05-24 )))))))))))))))))))))))))))))))
    .

    2008-05-20 12:08 . 2008-05-20 12:08 <DIR> d-------- C:\Documents and Settings\guerette robin\Application Data\Malwarebytes
    2008-05-20 12:07 . 2008-05-20 12:08 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-20 12:07 . 2008-05-20 12:07 <DIR> d-------- C:\Program Files\Common Files\Download Manager
    2008-05-20 12:07 . 2008-05-20 12:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-05-20 12:07 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-05-20 12:07 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-05-18 23:25 . 2008-05-20 01:29 4,242 --a------ C:\WINDOWS\system32\tmp.reg
    2008-05-18 13:57 . 2008-05-18 13:57 <DIR> d-------- C:\Program Files\Trend Micro
    2008-05-17 13:06 . 2008-05-17 13:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
    2008-05-17 12:50 . 2008-05-17 12:50 <DIR> d-------- C:\Documents and Settings\guerette robin\Application Data\AVGTOOLBAR
    2008-05-15 23:59 . 2008-05-15 23:59 118 --a------ C:\WINDOWS\system32\MRT.INI

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-21 04:34 --------- d-----w C:\Documents and Settings\guerette robin\Application Data\LimeWire
    2007-01-20 00:12 1,570 ----a-w C:\Program Files\INSTALL.LOG
    2007-01-21 05:25 88 --sh--r C:\WINDOWS\system32\96DFC4275B.sys
    2007-01-21 05:25 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-05-18_14.39.09.46 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-05-18 18:33:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-05-24 03:36:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2004-08-04 11:00:00 708,096 ----a-w C:\WINDOWS\system32\dllcache\ntdll.dll
    + 2008-05-24 03:37:07 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_9d4.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 04:24 20480]
    "DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 23:57 395776]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
    "MtdAcqu"="C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" [2006-03-08 09:56 278528]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-15 01:20 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-14 01:44 98304]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-14 01:41 77824]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-14 01:45 118784]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 15:03 36975]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 11:28 667718]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 11:28 602182]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-25 01:30 282624 C:\WINDOWS\stsystra.exe]
    "Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-08-03 20:51 1032192]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 20:48 761947]
    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 03:05 127035]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 18:50 221184]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 18:50 81920]
    "VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 20:18 151552]
    "OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-12 00:02 53248]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-18 13:31 1836544]
    "PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2006-08-22 17:32 184320]
    "VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 14:49 163840]
    "P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [ ]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05 257088]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-05-01 03:10 185896]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 00:05:26 29696]
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-01-11 23:15:12 24576]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 17:05:56 65588]
    Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-05-04 00:07:32 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
    "C:\\Documents and Settings\\guerette robin\\Desktop\\LimeWire\\LimeWire.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Documents and Settings\\guerette robin\\My Documents\\LimeWire\\LimeWire.exe"=
    "C:\\StubInstaller.exe"=
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
    "C:\\Program Files\\uTorrent\\utorrent.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Documents and Settings\\guerette robin\\Desktop\\eMule\\emule.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R1 sdcplh;sdcplh;C:\WINDOWS\system32\drivers\sdcplh.sys [2005-08-26 11:32]
    S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-05-05 20:46]

    .
    Contents of the 'Scheduled Tasks' folder
    "2007-10-14 15:28:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-05-24 02:59:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    24 May 2008 17:23:31

    hello

    post a new HijackThis log

    how is your PC behaving?
    25 May 2008 04:54:21

    Well! Everything is going very well; indeed the cockroaches are gone, along with several other small problems! Thank you!!!!!!!

    Here is the requested HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:51, on 2008-05-24
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Creative\MediaSource5\MtdAcqu.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    c:\program files\mcafee\msc\mcuimgr.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
    C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
    c:\program files\common files\installshield\updateservice\isuspm.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row-rel&channel...
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 11147 bytes
    25 May 2008 18:26:35

    hello

    scoobyrob

    ~ Run an online antivirus scan on the Kaspersky site
    http://webscanner.kaspersky.fr/

    ~ Click on Online Scanner.
    ~ Accept the installation of the ActiveX control by clicking the Install button.

    ~ Select My Computer ("Poste de travail") as the scan target.

    ~ Save the report by clicking the "Enregistrer rapport sous" (Save report as) button. Give it a name; you will copy/paste it into your next reply.

    Online scan tutorial


    +++++++++++++

    bayla
    I am deleting your messages, create your own topic: Reminders for this section
    27 May 2008 18:00:40

    ok, I ran the scan but I never saw the report!! any idea where it could be?
    29 May 2008 07:24:29

    I finally managed it!!! hehe
    Thursday, May 29, 2008 1:20:46 AM
    Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 29/05/2008
    Enregistrements dans la base antivirus Kaspersky : 721700


    Paramètres d'analyse
    Analyser avec la base antivirus suivante standard
    Analyser les archives vrai
    Analyser les bases de messagerie vrai

    Cible de l'analyse Poste de travail
    C:\
    D:\

    Statistiques de l'analyse
    Total d'objets analysés 57703
    Nombre de virus trouvés 6
    Nombre d'objets infectés 60 / 0
    Nombre d'objets suspects 0
    Durée de l'analyse 01:26:19

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\McAfee.com\VSO\OASLogs\OAS.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\glog.log L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\java.class-26390b7d-538dfc59.class Infecté : Exploit.Java.Gimsh.a ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1aa0919c-6c76cf7b.zip/BnnnnBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1aa0919c-6c76cf7b.zip/VaannnaaBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1aa0919c-6c76cf7b.zip/Bnnnnn.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1aa0919c-6c76cf7b.zip ZIP: infecté - 3 ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-47312985-5889dedc.zip/BnnnnBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-47312985-5889dedc.zip/VaannnaaBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-47312985-5889dedc.zip/Bnnnnn.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-47312985-5889dedc.zip ZIP: infecté - 3 ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-5d1d74cd-5a8b6722.zip/BnnnnBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-5d1d74cd-5a8b6722.zip/VaannnaaBaa.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-5d1d74cd-5a8b6722.zip/Bnnnnn.class Infecté : Trojan.Java.ClassLoader.as ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-5d1d74cd-5a8b6722.zip ZIP: infecté - 3 ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-2ee9ce09-3c63aab5.zip/BaaaaBaa.class Infecté : Exploit.Java.Gimsh.a ignoré

    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-2ee9ce09-3c63aab5.zip ZIP: infecté - 1 ignoré

    C:\Documents and Settings\guerette robin\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Desktop\SmitfraudFix\Process.exe L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Messenger\scooby-rob@hotmail.com\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Messenger\scooby-rob@hotmail.com\SharingMetadata\pending.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Messenger\scooby-rob@hotmail.com\SharingMetadata\Working\database_D694_A9C7_94A9_AA87\dfsr.db L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Messenger\scooby-rob@hotmail.com\SharingMetadata\Working\database_D694_A9C7_94A9_AA87\fsr.log L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Messenger\scooby-rob@hotmail.com\SharingMetadata\Working\database_D694_A9C7_94A9_AA87\fsrtmp.log L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Messenger\scooby-rob@hotmail.com\SharingMetadata\Working\database_D694_A9C7_94A9_AA87\tmp.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Windows Live Contacts\scooby-rob@hotmail.com\real\members.stg L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Application Data\Microsoft\Windows Live Contacts\scooby-rob@hotmail.com\shadow\members.stg L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\History\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temp\~DF222F.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temp\~DF3E67.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temp\~DF3EB7.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temp\~DFADC7.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temp\~DFAF3F.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temp\~DFF003.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temp\~DFF01B.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\My Documents\Mes fichiers reçus\image_044.zip/_258.JPG_scooby-rob@hotmail.com Infecté : Trojan.Win32.Pakes.byj ignoré

    C:\Documents and Settings\guerette robin\My Documents\Mes fichiers reçus\image_044.zip ZIP: infecté - 1 ignoré

    C:\Documents and Settings\guerette robin\ntuser.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\guerette robin\Shared\cetait lhiver eric lapointe.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\cetait lhiver pornflake.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\come in to my dream foggy.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\hotaribi rythem.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\hotarubie rythem(1).mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\hotarubie rythem.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\houki gumo pv rythem.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\in your eyes sasukesakura.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\je manque de nous.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\kain theatre des vampires.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\naruto opening r o c k.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\sonic battel 2.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\guerette robin\Shared\spider pig hommer simpsom.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbc2e.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbdam L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbdao L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbeam L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbeao L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbm L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbu2d.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbvm.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\dbvmh.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\fii.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\fiih.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\hp L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\hpt2i.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\rpm.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\rpm1m.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\rpm1mh.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\rpmh.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-black-enchashm.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-black-enchashmh.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-black-urlm.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-black-urlmh.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-malware-domainm.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-malware-domainmh.ht1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-white-domainm.cf1 L'objet est verrouillé ignoré

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\3ef962068729\safeweb\goog-white-domainmh.ht1 L'objet est verrouillé ignoré

    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\master.mdf L'objet est verrouillé ignoré

    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\mastlog.ldf L'objet est verrouillé ignoré

    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\model.mdf L'objet est verrouillé ignoré

    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\modellog.ldf L'objet est verrouillé ignoré

    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\tempdb.mdf L'objet est verrouillé ignoré

    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\templog.ldf L'objet est verrouillé ignoré

    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\LOG\ERRORLOG L'objet est verrouillé ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\dkR18.sys.vir Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\emT20.sys.vir Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\fmS42.sys.vir Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hpW18.sys.vir Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\jrY18.sys.vir Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ksA64.sys.vir Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP219\snapshot\MFEX-1.DAT Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077287.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077329.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077348.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077363.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077379.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077399.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077425.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077450.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077466.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077476.exe L'objet est verrouillé ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077509.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077615.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077647.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077648.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077649.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077650.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077652.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077742.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077743.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077744.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077745.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077746.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\A0077747.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP220\snapshot\MFEX-1.DAT Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP231\change.log L'objet est verrouillé ignoré

    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\mcmsc_0dppe2htfNMD0BW L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\mcmsc_H3beusx7JzSQYrg L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\Perflib_Perfdata_a3c.dat L'objet est verrouillé ignoré

    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

    Analyse terminée.
    29 May 2008 21:04:54

    re
    the joys of p2p...

    delete all the files/folders in bold:
    C:\QooBox
    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\java.class-26390b7d-538dfc59.class
    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-1aa0919c-6c76cf7b.zip
    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-47312985-5889dedc.zip
    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-5d1d74cd-5a8b6722.zip
    C:\Documents and Settings\guerette robin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-2ee9ce09-3c63aab5.zip
    C:\Documents and Settings\guerette robin\My Documents\Mes fichiers reçus\image_044.zip
    C:\Documents and Settings\guerette robin\Shared <<-- in there are the mp3s that you are sharing and with which you are infecting other people, e.g.: C:\Documents and Settings\guerette robin\Shared\cetait lhiver pornflake.mp3 --> Trojan-Downloader.WMA.Wimad.n

    ~Disable and then re-enable System Restore by following this tutorial:
    http://service1.symantec.com/SUPPORT/INTER/tsgeninfoint...
    You will need to disable System Restore, restart the computer and re-enable System Restore right away.

    Post a new HijackThis log and tell me how your PC is behaving.
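The triage behind the reply above, as an added example that is not part of the original thread: it parses scanner report lines in the format posted here, discards the "L'objet est verrouillé" (locked file) noise, and groups the remaining detections by where they sit. The sample lines, the `user` paths, the restore-point GUID and the function names are constructed for illustration; the detection names are the ones in the posted report.

```python
import re
from collections import defaultdict

# Line shapes seen in the posted report (French scanner output, kept verbatim).
INFECTED = re.compile(r"^(?P<path>.+?) Infecté : (?P<name>\S+) ignoré$")
ARCHIVE = re.compile(r"^(?P<path>.+) ZIP: infecté - (?P<count>\d+) ignoré$")
LOCKED = re.compile(r"^(?P<path>.+) L'objet est verrouillé ignoré$")

# Follow-up per location, taken from the helper's instructions in the thread.
ACTIONS = {
    "system_restore": "turn System Restore off, reboot, turn it back on",
    "qoobox_quarantine": "delete the C:\\QooBox folder",
    "p2p_shared": "delete the files in the P2P Shared folder",
    "other": "review and delete the file manually",
}

# Constructed sample in the same format as the report above.
SAMPLE = r"""
C:\Documents and Settings\user\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\user\Shared\track one.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré
C:\Documents and Settings\user\Shared\track two.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\example.sys.vir Infecté : Trojan-Dropper.Win32.Agent.ror ignoré
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.dll Infecté : Trojan-Downloader.Win32.Mutant.yf ignoré
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000002.sys Infecté : Trojan-Dropper.Win32.Agent.ror ignoré
C:\Documents and Settings\user\My Documents\sample.zip ZIP: infecté - 1 ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
"""


def classify(path):
    """Map a reported path to the place it lives in, case-insensitively."""
    p = path.lower()
    if "\\system volume information\\_restore{" in p:
        return "system_restore"
    if p.startswith("c:\\qoobox\\"):
        return "qoobox_quarantine"
    if "\\shared\\" in p:
        return "p2p_shared"
    return "other"


def triage(report):
    """Split a report into detections (by location and name), archives, locked count."""
    infected = defaultdict(lambda: defaultdict(list))
    archives, unparsed, locked = {}, [], 0
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = INFECTED.match(line)
        if m:
            infected[classify(m["path"])][m["name"]].append(m["path"])
            continue
        m = ARCHIVE.match(line)
        if m:
            archives[m["path"]] = int(m["count"])
            continue
        if LOCKED.match(line):
            locked += 1  # file in use by Windows: not a detection
            continue
        unparsed.append(line)  # keep anything unexpected visible
    return {
        "infected": {loc: dict(names) for loc, names in infected.items()},
        "archives": archives,
        "locked": locked,
        "unparsed": unparsed,
    }


def summarize(result):
    """One line per location: detection counts and the follow-up action."""
    lines = []
    for loc in sorted(result["infected"]):
        names = result["infected"][loc]
        counts = ", ".join(f"{n} x{len(p)}" for n, p in sorted(names.items()))
        lines.append(f"{loc}: {counts} -> {ACTIONS[loc]}")
    return lines


if __name__ == "__main__":
    report = triage(SAMPLE)
    print("\n".join(summarize(report)))
    print(f"locked files skipped: {report['locked']}")
```
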

    30 May 2008 06:30:16

    Here is the requested report...
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:28, on 2008-05-30
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Creative\MediaSource5\MtdAcqu.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    c:\program files\mcafee\msc\mcuimgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row-rel&channel...
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 10918 bytes
    30 May 2008 06:31:09

    Well, as for my PC, everything seems to be going great!!!!
    Thanks!!
    30 May 2008 19:42:26

    re
    you would do well to get rid of C:\WINDOWS\system32\P2P Networking

    adware from Kazaa
    http://www.greatis.com/appdata/u/p/p2p%20networking.exe...

    Remove all the programs installed for the disinfection.


    Please consult this guide (PDF) to learn more about the risks of the Net.



    If you find this document interesting, don't hesitate to pass it on to your contacts.

    ~Edit your first message (by clicking on the eraser) and put [solved] in the title.

    :hello: 
    1 June 2008 00:43:48

    Thanks once again!!! I really had no idea what to do hehe!!
    1 June 2008 17:28:32

    you're welcome
    happy surfing
    :hello: 