Please help, trojan!!!!

Tags:
  • Trojan
  • Security
Last reply: in Security and viruses
24 April 2008 01:00:06

Hello everyone, for two days now I have been trying to get rid of my trojan.agent but I still can't manage it. I have already been to various forums to find the procedure to follow, but it is impossible to delete (rrrrrrrrrrrrrrrrr). Please, is there anyone who could help me remove it? I have already tried removing it in safe mode; that works, but as soon as I go back to normal mode the trojan comes back. I'm leaving you my HijackThis log. Thank you for helping me!!!!!!!!!!!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:41:30, on 24/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Explorer.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Users\Sylvain\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redirect/?country...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Sylvain\AppData\Local\Temp\tuvTnLca.dll,#1
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\Sylvain\AppData\Local\Temp\icphcjcy.dll",run
O4 - HKCU\..\Run: [BMcb620d07] Rundll32.exe "C:\Users\Sylvain\AppData\Local\Temp\naipfaby.dll",s
O4 - HKCU\..\Run: [c8513e9b] rundll32.exe "C:\Users\Sylvain\AppData\Local\Temp\antbduvs.dll",b
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Sylvain\AppData\Local\Temp\hggedaBQ.dll,c
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 8234 bytes

24 April 2008 12:03:09

A hello, maybe?

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • When the scan is complete, a report will appear. Post that report in your next reply.
    24 April 2008 13:08:26

    Thanks for replying and helping me. Here is the Combofix report:

    ComboFix 08-04-22.5 - Sylvain 2008-04-24 13:03:00.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1166 [GMT 2:00]
    Endroit: C:\Users\Sylvain\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-24 to 2008-04-24 ))))))))))))))))))))))))))))))))))))
    .

    Pas de nouveau fichier créé dans cet espace de temps

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-24 10:52 --------- d---a-w C:\PROGRA~2\TEMP
    2008-04-23 22:40 --------- d-----w C:\Program Files\BitComet
    2008-04-23 22:09 --------- d-----w C:\PROGRA~2\Microsoft Help
    2008-04-23 21:08 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-23 21:08 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
    2008-04-23 21:07 --------- d-----w C:\Program Files\Enigma Software Group
    2008-04-23 17:48 --------- d-----w C:\PROGRA~2\ESET
    2008-04-23 17:09 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-04-23 17:07 --------- d-----w C:\Program Files\Symantec
    2008-04-23 17:07 --------- d-----w C:\PROGRA~2\Symantec
    2008-04-23 15:19 --------- d-----w C:\Users\Sylvain\AppData\Roaming\NeroDigital™
    2008-04-22 22:07 --------- d-----w C:\PROGRA~2\TmForever
    2008-04-22 22:05 13,119 ----a-w C:\Users\Sylvain\AppData\Roaming\nvModes.dat
    2008-04-22 00:32 --------- d-----w C:\Program Files\MSBuild
    2008-04-21 23:33 --------- d-----w C:\Program Files\MagicISO
    2008-04-21 23:19 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
    2008-04-21 23:18 --------- d-----w C:\Users\Sylvain\AppData\Roaming\DAEMON Tools
    2008-04-21 10:45 --------- d-----w C:\Program Files\Spyware Doctor
    2008-04-20 20:34 --------- d-----w C:\Program Files\Common Files\Nero
    2008-04-20 20:31 --------- d-----w C:\Program Files\Nero
    2008-04-20 20:31 --------- d-----w C:\PROGRA~2\Nero
    2008-04-20 18:45 --------- d-----w C:\Program Files\NeroInstall.bak
    2008-04-20 18:42 --------- d-----w C:\Users\Sylvain\AppData\Roaming\Nero
    2008-04-20 13:43 --------- d-----w C:\Users\Sylvain\AppData\Roaming\BitTorrent
    2008-04-20 12:38 --------- d-----w C:\Users\Sylvain\AppData\Roaming\PC Tools
    2008-04-19 16:28 --------- d-----w C:\PROGRA~2\Roxio
    2008-04-18 19:01 --------- d-----w C:\Program Files\DivX
    2008-04-18 18:45 --------- d-----w C:\Program Files\Google
    2008-04-18 16:28 --------- d-----w C:\Program Files\Alwil Software
    2008-04-09 19:52 --------- d-----w C:\Program Files\Windows Mail
    2008-04-09 07:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-09 07:40 --------- d-----w C:\Program Files\OFFICE One v7
    2008-04-08 13:03 --------- d-----w C:\Program Files\Sony
    2008-04-08 12:57 --------- d-----w C:\Users\Sylvain\AppData\Roaming\Publish Providers
    2008-04-08 12:53 --------- d-----w C:\Users\Sylvain\AppData\Roaming\Sony
    2008-04-07 22:36 --------- d-----w C:\Program Files\IVCsoft
    2008-04-07 22:31 --------- d-----w C:\Program Files\Common Files\SWF Studio
    2008-04-06 18:32 --------- d-----w C:\Program Files\Common Files\Steam
    2008-04-05 19:05 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-04-05 15:41 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
    2008-04-01 18:40 --------- d-----w C:\PROGRA~2\Motive
    2008-03-31 21:25 831,488 ----a-w C:\Windows\System32\divx_xx0a.dll
    2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-03-31 21:25 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-03-31 21:25 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-03-31 21:25 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
    2008-03-21 20:30 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-03-21 20:30 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-03-21 20:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-03-21 20:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-03-21 20:28 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-03-21 20:28 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-03-21 20:28 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-03-21 20:28 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-03-21 20:28 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-03-21 20:28 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-03-21 20:28 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll
    2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll
    2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll
    2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe
    2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe
    2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
    2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
    2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
    2008-02-28 15:38 972,072 ----a-w C:\Windows\UNNeroMediaHome.exe
    2008-02-28 11:26 1,414,440 ----a-w C:\Windows\System32\ShellManager310E2D762.dll
    2008-02-26 14:14 972,072 ----a-w C:\Windows\UNRecode.exe
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-19 05:10 620,088 ----a-w C:\Windows\System32\ci.dll
    2008-02-18 14:04 95,600 ----a-w C:\Windows\System32\NeroCo.dll
    2008-02-16 13:03 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-16 12:58 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-16 12:58 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-16 12:58 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-16 12:58 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-16 12:58 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-16 12:57 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-16 12:57 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-16 12:57 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-16 12:57 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-16 12:57 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-16 12:57 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-16 12:57 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-16 12:54 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-02-14 23:19 944,184 ----a-w C:\Windows\System32\winload.exe
    2008-01-13 21:42 174 --sha-w C:\Program Files\desktop.ini
    2007-07-05 14:26 65,536 --sha-w C:\Windows\oem\mp\boot\bootstat.dat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [ ]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 17:07 1828136]
    "cmds"="C:\Users\Sylvain\AppData\Local\Temp\hggedaBQ.dll" [2008-04-22 21:23 272384]
    "BMcb620d07"="C:\Users\Sylvain\AppData\Local\Temp\mbjvaohm.dll" [2008-04-24 00:42 95808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-05 16:33 1006264]
    "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2007-03-20 23:36 36864]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-24 19:02 174616]
    "IaNvSrv"="C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2007-07-24 19:02 33304]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-24 00:40 857648]
    "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 11:40 232184]
    "toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 18:20 28672]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-04 20:41 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-04 20:41 8429568]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-04 20:41 81920]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-09 14:32 185784]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 16:29 2221352]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{C7E4031F-F56A-4ED4-9D70-83146DBE0CFE}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
    "{6A08423E-895D-4F45-94FF-AC1F63BFAAF8}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
    "{1DD4720B-974A-4E35-814B-F24337281A3E}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{F6EDC7FE-523D-475F-89E4-C145D34065FA}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "{68D43E5B-8D79-4AD8-8F4B-F83E3462541D}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "{F10CBE99-7895-4F3F-9858-CE3E5332B37E}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "{ED0ED371-52A1-442A-B023-4CD9EA45E99F}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "TCP Query User{CF53D7B4-0D78-4F28-937F-E7D5F054736B}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "UDP Query User{BC6F40E9-F6D2-44FE-8C5D-AD9906C4EF24}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "{A669F0AC-9A48-40D5-99E5-67BA37BD41BE}"= UDP:C:\Program Files\DNA\btdna.exe:D NA
    "{3DEDCE70-9819-4FBC-8D52-EB0A8797447E}"= TCP:C:\Program Files\DNA\btdna.exe:D NA
    "TCP Query User{0662AC40-8A3B-473B-8865-8548F552E5A8}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "UDP Query User{857B5874-5625-4243-9FBD-11CCC180733C}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "TCP Query User{7E64EB95-CBB9-44FC-8A2E-759210CE0482}C:\\program files\\valve\\steam\\steamapps\\sylvain041\\counter-strike source\\hl2.exe"= UDP:C:\program files\valve\steam\steamapps\sylvain041\counter-strike source\hl2.exe:hl2
    "UDP Query User{47E18EE0-5C49-4E16-9C47-296C45890BA0}C:\\program files\\valve\\steam\\steamapps\\sylvain041\\counter-strike source\\hl2.exe"= TCP:C:\program files\valve\steam\steamapps\sylvain041\counter-strike source\hl2.exe:hl2
    "TCP Query User{88281983-3534-47D2-BA75-D912F7627003}C:\\program files\\valve\\steam\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= UDP:C:\program files\valve\steam\steamapps\common\trackmania nations forever\tmforever.exe:TmForever
    "UDP Query User{AEAA518C-A239-4AE5-A999-98B84135FF23}C:\\program files\\valve\\steam\\steamapps\\common\\trackmania nations forever\\tmforever.exe"= TCP:C:\program files\valve\steam\steamapps\common\trackmania nations forever\tmforever.exe:TmForever

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R0 iaNvStor;Intel(R) Turbo Memory Controller;C:\Windows\system32\DRIVERS\iaNvStor.sys [2007-07-09 14:28]
    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
    R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 13:38]
    R3 X10Hid;X10 Hid Device;C:\Windows\system32\Drivers\x10hid.sys [2006-11-17 10:31]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-12-30 16:01]
    S3 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-26 09:22]
    S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-06 19:36]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7adbf0e4-d962-11dc-a110-00030d000001}]
    \shell\AutoRun\command - G:\LaunchU3.exe -a

    *Newly Created Service* - CATCHME
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-04-24 10:59:59 C:\Windows\Tasks\Extension de garantie.job"
    - C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe
    "2008-04-24 10:59:59 C:\Windows\Tasks\Recovery DVD Creator.job"
    - C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe
    "2008-04-23 20:21:08 C:\Windows\Tasks\User_Feed_Synchronization-{E84B188D-AACB-4345-9424-A05BA2820EE9}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-24 13:05:03
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 64

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\Windows\Explorer.exe
    -> C:\Users\Sylvain\AppData\Local\Temp\mgnclsmb.dll
    -> C:\Users\Sylvain\AppData\Local\Temp\mbjvaohm.dll
    -> C:\Users\Sylvain\AppData\Local\Temp\hggedaBQ.dll
    .
    Temps d'accomplissement: 2008-04-24 13:05:55
    ComboFix-quarantined-files.txt 2008-04-24 11:05:51

    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

    205 --- E O F --- 2008-04-23 20:11:12
    24 April 2008 13:28:29

    Mbam should clean all of that up :)

    Download MalwareByte's Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (Perform full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan has finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking Ok.

    HELP: Illustrated tutorial on MBAM
    24 April 2008 18:37:47

    So I did run MalwareByte's Anti-Malware and it detected several viruses. I followed the procedure and here is the report:

    Malwarebytes' Anti-Malware 1.11
    Version de la base de données: 676

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 120429
    Temps écoulé: 1 hour(s), 0 minute(s), 0 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 4
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMcb620d07 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c8513e9b (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\Sylvain\AppData\Local\Temp\hggedaBQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Sylvain\AppData\Local\Temp\mbjvaohm.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Sylvain\AppData\Local\Temp\mgnclsmb.dll (Trojan.Agent) -> Quarantined and deleted successfully.

    After restarting I ran a new scan with spybot doctor and they seem to have disappeared. Please let me know where things stand.
    24 April 2008 21:04:37

    Post a new HijackThis report.
    24 April 2008 23:59:36

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:47:38, on 24/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Users\Sylvain\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 8752 bytes
    26 April 2008 12:20:30

    Hello, sorry for the delay, I had some difficulty uninstalling avast and updating antivir. Here is the report:


    Avira AntiVir Personal
    Report file date: samedi 26 avril 2008 11:27

    Scanning for 1237787 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows Vista
    Windows version: (plain) [6.0.6000]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: PC-DE-SYLVAIN

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 25/04/2008 21:07:30
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 25/04/2008 21:07:30
    LUKE.DLL : 8.1.2.9 151809 Bytes 25/04/2008 21:07:31
    LUKERES.DLL : 8.1.2.1 12033 Bytes 25/04/2008 21:07:31
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 21:07:33
    ANTIVIR2.VDF : 7.0.3.197 1260032 Bytes 22/04/2008 21:07:33
    ANTIVIR3.VDF : 7.0.3.216 137216 Bytes 25/04/2008 21:07:33
    Engineversion : 8.1.0.35
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/04/2008 21:07:34
    AESCRIPT.DLL : 8.1.0.27 233851 Bytes 25/04/2008 21:07:33
    AESCN.DLL : 8.1.0.14 119156 Bytes 25/04/2008 21:07:33
    AERDL.DLL : 8.1.0.20 418165 Bytes 25/04/2008 21:07:33
    AEPACK.DLL : 8.1.1.2 364917 Bytes 25/04/2008 21:07:33
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 25/04/2008 21:07:33
    AEHEUR.DLL : 8.1.0.20 1196406 Bytes 25/04/2008 21:07:33
    AEHELP.DLL : 8.1.0.14 115063 Bytes 25/04/2008 21:07:33
    AEGEN.DLL : 8.1.0.18 299381 Bytes 25/04/2008 21:07:33
    AEEMU.DLL : 8.1.0.5 430450 Bytes 25/04/2008 21:07:33
    AECORE.DLL : 8.1.0.27 168310 Bytes 25/04/2008 21:07:33
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 25/04/2008 21:07:30
    AVPREF.DLL : 8.0.0.1 25857 Bytes 25/04/2008 21:07:30
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVREG.DLL : 8.0.0.0 30977 Bytes 25/04/2008 21:07:30
    AVARKT.DLL : 1.0.0.23 307457 Bytes 25/04/2008 21:07:30
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 25/04/2008 21:07:30
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 25/04/2008 21:07:32
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 25/04/2008 21:07:32
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/04/2008 21:07:32
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 25/04/2008 21:07:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 25/04/2008 21:07:25

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: samedi 26 avril 2008 11:27

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'ieuser.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'CPSHelpRunner.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
    Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'ehtray.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'RoxWatchTray9.exe' - '1' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'RoxMediaDB9.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'X10nets.exe' - '1' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'pctsTray.exe' - '1' Module(s) have been scanned
    Scan process 'pctsSvc.exe' - '1' Module(s) have been scanned
    Scan process 'pctsAuxs.exe' - '1' Module(s) have been scanned
    Scan process 'RoxWatch9.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
    Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
    Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'dwm.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
    Scan process 'audiodg.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsm.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'wininit.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    56 processes with 56 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '13' files ).


    Starting the file scan:

    Begin scan in 'C:\' <HDD>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Windows\System32\drivers\sptd.sys
    [WARNING] The file could not be opened!


    End of the scan: samedi 26 avril 2008 12:13
    Used time: 45:48 min

    The scan has been done completely.

    64811 Scanning directories
    566701 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    566701 Files not concerned
    7485 Archives were scanned
    3 Warnings
    0 Notes

    However, since all these operations I no longer have autorun for my CDs and USB keys; no matter how I configure my computer, nothing happens. Do you know what is causing this? Thanks
    26 April 2008 12:28:37

    Strange. In Device Manager, are your USB ports OK?
    26 April 2008 12:59:28

    Yes, they are OK, and even the CDs no longer run automatically!!!
    26 April 2008 14:45:23

    You should check the Hardware section for that. None of the tools used touch the components.