Your question

virus "www.adtrgt.com"

31 March 2008 16:13:13

Hello,
I have had a virus for some time and I can't manage to get rid of it.
When I open the Internet Explorer window, it automatically opens, next to it, a window with the following address: "www.adtrgt.com"

I ran a HijackThis report, here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:40, on 31/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: InternetProgram - {88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30} - C:\Program Files\InternetProgram\InternetProgram-2.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 9270 bytes



Thank you for your help

31 March 2008 18:54:33

Please help me!!!!

31 March 2008 18:58:14

Hello,

Download MalwareByte's Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, select "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results", then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM

31 March 2008 22:13:48

Thank you, I have just finished the scan and here is the report:


    Malwarebytes' Anti-Malware 1.09
    Database version: 574

    Scan type: Full Scan (C:\|E:\|F:\|G:\|J:\|)
    Objects scanned: 156202
    Time elapsed: 2 hour(s), 19 minute(s), 12 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 21
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 8
    Files Infected: 39

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\dbreg.dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9b7d013b-b2b2-4b95-91ff-b17ab22290bb} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{cc11617c-259e-429c-9063-7d70b8355ebd} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e2554085-b0bd-4f11-b252-32145d0a9257} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\dbreg.dbar.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\dbreg.dbarbho (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\dbreg.dbarbho.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\dbreg.dbarenabler (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\dbreg.dbarenabler.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{80985322-3f89-4873-9bce-9297d217ccad} (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\elfwgps.bxdl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\elfwgps.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DBReg.DBar (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DBReg.DBar.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DBReg.dbarBHO (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DBReg.dbarBHO.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DBReg.DbarEnabler (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DBReg.DbarEnabler.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Deskbar.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dbar (Adware.SoftMate) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Program Files\Fichiers communs\Carlson (Dialer) -> Quarantined and deleted successfully.
    C:\Program Files\dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\Cache (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\dsktp (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\temp (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Program Files\dbar\deskbar.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\wupda.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED2D4D7D-980E-4E94-8D26-59D92294CA34}\RP207\A0026545.exe (Rogue.PerformanceOptimizer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED2D4D7D-980E-4E94-8D26-59D92294CA34}\RP207\A0026568.exe (Rogue.PerformanceOptimizer) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED2D4D7D-980E-4E94-8D26-59D92294CA34}\RP276\A0040189.dll (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED2D4D7D-980E-4E94-8D26-59D92294CA34}\RP276\A0040204.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED2D4D7D-980E-4E94-8D26-59D92294CA34}\RP277\A0040266.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED2D4D7D-980E-4E94-8D26-59D92294CA34}\RP290\A0040916.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED2D4D7D-980E-4E94-8D26-59D92294CA34}\RP292\A0041279.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\basis.xml (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\channel.tmpl (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\content.tmpl (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\date.tmpl (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\dbaruninst.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\deskbar.crc (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\deskbar.inf (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\edit_rss.tmpl (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\local.xml (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\nav1.bmp (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\nav2.bmp (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\new_alert.tmpl (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\version.ini (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\dbar\version.txt (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\version.ini (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\dsktp\AC_RunActiveContent.js (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\dsktp\desktop.html (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\dsktp\internetDetection.swf (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\dsktp\settings.sol (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\bufferthis.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\flashfunpages.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\funnies.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\funnyfunpages.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\goodcleanvideos.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\newfunpages.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\positivethoughts.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\removespyware.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\icons\thissiterocks.ico (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\Program Files\winvi\temp\version.ini (Adware.SoftMate) -> Quarantined and deleted successfully.
    C:\WINDOWS\fvqkfsp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
1 April 2008 11:24:03

Is there anyone who could help me???

1 April 2008 15:46:17

Post a new HijackThis report.

1 April 2008 23:12:30

And here is the HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:19:16, on 01/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
    O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: InternetProgram - {88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30} - C:\Program Files\InternetProgram\InternetProgram-2.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
    O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.canalplay.com (HKLM)
    O15 - Trusted Zone: *.canalplusactive.com (HKLM)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

    --
    End of file - 9440 bytes
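
An added example, not posted by anyone in this thread: it cross-checks the HijackThis log above against the Malwarebytes report and lists Run values that still point at paths the scan deleted, plus BHO/toolbar registrations marked "(no file)". The sample lines are copied from the two reports in the thread; the function and variable names are this example's own.

```python
import ntpath
import re

# Sample input: lines copied from the Malwarebytes report and the second
# HijackThis log in this thread (a subset, embedded so the check runs offline).
MBAM_REPORT = r"""
HKEY_CLASSES_ROOT\dbreg.dbar (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Carlson (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\winvi (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\Program Files\winvi\wupda.exe (Adware.SoftMate) -> Quarantined and deleted successfully.
C:\WINDOWS\fvqkfsp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
"""

HJT_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
"""

# File-system items in the cleaner report start with a drive letter;
# registry items (HKEY_...) are deliberately not matched.
MBAM_ITEM = re.compile(
    r"^\s*(?P<path>[A-Za-z]:\\.+?) \((?P<threat>[^()]+)\) -> (?P<action>.+)$")
HJT_COM = re.compile(
    r"^\s*(?P<sec>O2|O3) - (?:BHO|Toolbar): (?P<name>.*) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
HJT_RUN = re.compile(
    r"^\s*O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
UNQUOTED_EXE = re.compile(r"^(.+?\.(?:exe|dll|com|bat|cmd|scr))(?=\s|$)", re.I)


def norm(path):
    """Windows paths compare case-insensitively; normalise before matching."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


def command_target(cmd):
    """Return the executable path from a Run command line, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted paths may contain spaces, so cut at the first executable extension.
    m = UNQUOTED_EXE.match(cmd)
    return m.group(1) if m else cmd


def removed_paths(mbam_text):
    """Map normalised path -> threat name for items reported as deleted."""
    removed = {}
    for line in mbam_text.splitlines():
        m = MBAM_ITEM.match(line)
        if m and "deleted successfully" in m["action"]:
            removed[norm(m["path"])] = m["threat"]
    return removed


def triage(hjt_text, mbam_text):
    """List leftover registrations: (kind, entry, detail) tuples."""
    removed = removed_paths(mbam_text)
    findings = []
    for line in hjt_text.splitlines():
        m = HJT_COM.match(line)
        if m and m["target"].strip() == "(no file)":
            findings.append(("no-file", f'{m["sec"]} {m["clsid"]}',
                             "registered component has no file on disk"))
            continue
        m = HJT_RUN.match(line)
        if m:
            target = norm(command_target(m["cmd"]))
            hits = [p for p in removed
                    if target == p or target.startswith(p + "\\")]
            if hits:
                best = max(hits, key=len)  # most specific removed path
                findings.append(("stale-autorun", m["name"],
                                 f"{best} ({removed[best]})"))
    return findings


if __name__ == "__main__":
    for kind, entry, detail in triage(HJT_LOG, MBAM_REPORT):
        print(f"{kind:14} {entry:45} {detail}")
```
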
2 April 2008 11:03:20

Could someone look at my HijackThis report??

2 April 2008 13:24:05

A little patience?

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • When the scan is complete, a report will appear. Post this report in your next reply.

2 April 2008 13:44:53

Here is the ComboFix report

    ComboFix 08-04-01.2 - Propriétaire 2008-04-02 13:41:31.3 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.603 [GMT 2:00]
    Endroit: C:\Documents and Settings\Propriétaire.AMELBENT\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-02 to 2008-04-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Program Files\CFWebAdvancedU
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-03-31 22:32 . 2008-04-02 11:52 <REP> d-------- C:\Program Files\Windows Live
    2008-03-31 19:45 . 2008-03-31 19:45 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-03-31 16:51 . 2008-03-31 16:51 <REP> d-------- C:\Program Files\RealVNC
    2008-03-31 16:03 . 2008-03-31 16:03 <REP> d-------- C:\Program Files\Trend Micro
    2008-03-31 13:23 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-03-31 13:23 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-03-31 13:22 . 2008-04-02 11:50 1,355 --a------ C:\WINDOWS\imsins.BAK
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 13:01 . 2008-03-28 13:01 <REP> d-------- C:\Program Files\CCleaner
    2008-03-28 00:30 . 2008-03-28 00:30 244 --ah----- C:\sqmnoopt00.sqm
    2008-03-28 00:30 . 2008-03-28 00:30 232 --ah----- C:\sqmdata00.sqm
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-22 23:49 . 2008-03-29 16:32 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Phone Browser
    2008-03-22 23:49 . 2008-03-29 16:32 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Phone Browser
    2008-03-22 14:06 . 2008-02-22 03:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-03-20 01:41 . 2008-03-11 18:07 245,760 --a------ C:\Program Files\Uninstall Ask Toolbar.dll
    2008-03-17 17:51 . 2004-03-02 18:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
    2008-03-17 17:51 . 2004-03-02 18:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
    2008-03-17 15:27 . 2008-04-02 13:00 <REP> d-------- C:\Program Files\InternetProgram
    2008-03-12 16:18 . 2000-06-26 12:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
    2008-03-11 18:32 . 2008-04-02 13:35 116 --a------ C:\WINDOWS\NeroDigital.ini
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:19 . 2008-03-12 19:22 <REP> d-------- C:\Program Files\Fichiers communs\Nero
    2008-03-11 18:19 . 2008-03-12 19:22 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
    2008-03-11 18:07 . 2008-03-12 00:25 <REP> d-------- C:\Program Files\AskTBar
    2008-03-10 13:17 . 2007-12-07 04:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2008-03-10 13:17 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-03-10 13:17 . 2007-07-01 05:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-03-10 13:17 . 2007-12-07 04:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-03-10 13:17 . 2007-12-07 04:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-03-10 13:17 . 2007-12-07 04:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2008-03-10 13:17 . 2007-12-07 04:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2008-03-10 13:17 . 2007-12-07 04:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-03-10 13:17 . 2007-12-06 13:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-03-02 02:01 . 2008-03-02 02:01 2,359,350 --a------ C:\WINDOWS\ACD Wallpaper.bmp

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-02 09:54 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-02 09:51 --------- d-----w C:\Program Files\Project64 1.6
    2008-04-02 09:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2008-04-02 09:42 --------- d-----w C:\Program Files\LimeWire
    2008-04-02 09:40 --------- d-----w C:\Program Files\Google
    2008-04-02 09:39 --------- d-----w C:\Program Files\eMule
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\ACD Systems
    2008-04-02 09:33 --------- d-----w C:\Program Files\Lavasoft
    2008-04-02 09:33 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-04-02 09:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2008-04-01 12:24 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    2008-03-31 20:33 --------- d-----w C:\Program Files\MSN Messenger
    2008-03-31 20:26 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
    2008-03-31 11:26 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-03-28 22:03 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-22 12:06 --------- d-----w C:\Program Files\Java
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 00:23 166 ----a-w C:\Program Files\results.txt
    2008-03-19 11:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-19 11:54 --------- d-----w C:\Program Files\CyberLink
    2008-03-17 15:51 --------- d-----w C:\Program Files\Ahead
    2008-03-14 15:46 --------- d-----w C:\Program Files\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:21 9,856 ----a-w C:\WINDOWS\system32\drivers\pfc.sys
    2008-02-26 12:36 --------- d-----w C:\Program Files\iTunes
    2008-02-26 12:36 --------- d-----w C:\Program Files\iPod
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    2008-02-14 18:57 --------- d-----w C:\Program Files\QuickTime
    2008-02-09 10:08 --------- d-----w C:\Program Files\microsoft frontpage
    2008-02-08 12:31 --------- d-----w C:\Program Files\Avira
    2008-02-08 12:31 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:25 --------- d-----w C:\Program Files\3M
    2008-02-04 11:17 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-02-04 11:17 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
    2008-02-01 23:55 83,456 ----a-w C:\WINDOWS\system32\VACFix.exe
    2008-01-27 13:37 81,920 ----a-w C:\WINDOWS\system32\IEDFix.exe
    2006-05-25 08:11 144 ----a-w C:\Program Files\vssver.scc
    2006-05-17 13:25 10,419 ----a-w C:\Program Files\NAMES_SP.TXT
    2006-05-15 12:13 10,773 ----a-w C:\Program Files\NAMES_DU.TXT
    2006-05-15 10:26 10,804 ----a-w C:\Program Files\NAMES_IT.TXT
    2006-05-12 16:57 9,991 ----a-w C:\Program Files\NAMES_EN.TXT
    2006-05-12 16:57 11,352 ----a-w C:\Program Files\NAMES_GE.TXT
    2006-05-12 16:57 10,959 ----a-w C:\Program Files\NAMES_FR.TXT
    2006-05-12 16:57 10,959 ----a-w C:\Program Files\Names.txt
    2005-11-18 09:59 264,118 ----a-w C:\Program Files\oui_id.txt
    2005-11-14 11:17 1,421,403 ----a-w C:\Program Files\AegisE5.dll
    2004-11-10 08:17 86,016 ----a-w C:\Program Files\Installrt2500qa.dll
    2004-11-10 08:17 122 ----a-w C:\Program Files\filespecrt2500qa
    2004-07-22 16:45 116 ----a-w C:\Program Files\filespecrtrt2500USB
    2004-06-03 15:00 73,728 ----a-w C:\Program Files\Install2500USB.dll
    2004-02-27 09:04 45,056 ----a-w C:\Program Files\DEDriverDLL.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30}]
    2007-12-30 22:48 1019904 --a------ C:\Program Files\InternetProgram\InternetProgram-2.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15:00 15360]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
    "PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [ ]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [ ]
    "WinUpdater"="C:\Program Files\winvi\update.exe" [ ]
    "WebSUpdater"="C:\Program Files\winvi\wupda.exe" [ ]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
    "EoFlip"="" []
    "EoEngine"="" []
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-08 14:33 249896]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [ ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
    "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15:00 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 00:05:56 65588]
    Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-01-08 21:17:01 124912]
    Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe [2004-10-15 15:26:54 2080768]

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5900:TCP"= 5900:TCP:port vnc

    R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-03 23:00]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys []
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-27 17:15:12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-02 13:43:16
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-02 13:43:49
    ComboFix-quarantined-files.txt 2008-04-02 11:43:47
    ComboFix2.txt 2008-02-06 16:32:57
    Pre-Run: 40,987,131,904 octets libres
    Post-Run: 40,979,083,264 octets libres
    .
    2008-03-12 23:36:33 --- E O F ---
    2 April 2008 14:17:02

    What use is that to me??
    a b 8 Security
    2 April 2008 14:55:56

    Did you install this program, yes or no?
    2 April 2008 22:47:34

    There, it's installed
    3 April 2008 12:39:18

    There, I've installed it
    a b 8 Security
    3 April 2008 17:13:00

    No, I didn't ask you to install the program :/
    I asked whether you had this program, so as to know whether it was legitimate or not.
    3 April 2008 17:38:30

    Well no, I didn't have it actually
    a b 8 Security
    3 April 2008 17:42:51

    Well, uninstall it then. Post a new HijackThis report.
    3 April 2008 17:47:14

    Here is the report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:46:22, on 03/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
    O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: InternetProgram - {88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30} - C:\Program Files\InternetProgram\InternetProgram-2.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
    O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.canalplay.com (HKLM)
    O15 - Trusted Zone: *.canalplusactive.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_a...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

    --
    End of file - 8777 bytes
    a b 8 Security
    3 April 2008 19:30:43

    Is your PC still having problems?

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
    O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
    3 April 2008 19:32:34

    Well yeah, it still has problems, and on top of that it sometimes shuts down by itself and my programs close after a few minutes when I'm using them.
    3 April 2008 19:35:02

    Done, I've fixed the lines
    a b 8 Security
    3 April 2008 19:35:58

    Same problem?
    3 April 2008 19:39:58

    It seems to be fine. I'll let you know if it starts again; thanks for your help in any case.
    3 April 2008 20:07:54

    No, actually, it still does it when I want to browse the internet
    4 April 2008 13:08:03

    Hi, my problem with the web page "www.adtrg......" still opens, and my PC shuts down by itself and my programs also close by themselves when I'm using them. Please help me before I throw my computer out the window!!!
    a b 8 Security
    4 April 2008 18:37:55

    Run a ComboFix scan again.
    6 April 2008 20:27:47

    Here is the ComboFix scan

    ComboFix 08-04-01.2 - Propriétaire 2008-04-06 14:19:24.5 - NTFSx86
    Endroit: C:\Documents and Settings\Propriétaire.AMELBENT\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-06 to 2008-04-06 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-06 00:16 . 2008-04-06 00:16 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MailFrontier
    2008-04-06 00:16 . 2008-04-06 00:16 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MailFrontier
    2008-04-06 00:16 . 2008-04-06 00:16 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MailFrontier
    2008-04-06 00:11 . 2008-04-06 13:38 4,390,880 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2008-04-06 00:11 . 2008-04-06 13:38 5,492 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2008-04-06 00:07 . 2008-04-06 03:26 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier
    2008-04-06 00:06 . 2008-04-06 00:09 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2008-04-06 00:05 . 2007-12-13 19:27 75,248 --a------ C:\WINDOWS\zllsputility.exe
    2008-04-06 00:05 . 2007-12-13 19:27 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2008-04-06 00:05 . 2007-12-13 19:27 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
    2008-04-06 00:05 . 2007-12-13 19:27 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
    2008-04-06 00:05 . 2007-12-13 19:27 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
    2008-04-06 00:05 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
    2008-04-06 00:03 . 2007-12-13 19:27 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
    2008-04-06 00:03 . 2008-04-06 13:58 360,555 --a------ C:\WINDOWS\system32\vsconfig.xml
    2008-04-04 19:12 . 2008-04-04 19:12 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Bitdefender
    2008-04-04 19:12 . 2008-04-04 19:12 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Bitdefender
    2008-04-04 19:12 . 2008-04-04 19:12 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Bitdefender
    2008-04-04 19:01 . 2008-04-04 19:01 <REP> d-------- C:\Program Files\Softwin
    2008-04-04 18:49 . 2008-04-04 18:49 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Simply Super Software
    2008-04-04 18:34 . 2008-04-05 14:44 <REP> d-------- C:\Program Files\Trojan Remover
    2008-04-04 18:34 . 2006-05-25 14:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
    2008-04-04 18:34 . 2005-08-26 00:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
    2008-04-04 18:34 . 2006-06-19 12:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
    2008-04-04 16:09 . 2008-03-29 19:23 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2008-04-04 16:09 . 2008-03-29 19:35 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2008-04-04 16:09 . 2008-01-17 17:34 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2008-04-04 16:09 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
    2008-04-04 16:09 . 2008-03-29 19:27 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2008-04-04 16:09 . 2008-03-29 19:26 26,944 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2008-04-04 16:09 . 2008-03-29 19:29 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2008-04-04 16:09 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
    2008-04-04 16:08 . 2008-03-29 19:45 1,146,232 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-04-04 16:08 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Program Files\CFWebAdvancedU
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-03-31 22:32 . 2008-04-02 11:52 <REP> d-------- C:\Program Files\Windows Live
    2008-03-31 19:45 . 2008-03-31 19:45 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-03-31 16:51 . 2008-03-31 16:51 <REP> d-------- C:\Program Files\RealVNC
    2008-03-31 16:03 . 2008-03-31 16:03 <REP> d-------- C:\Program Files\Trend Micro
    2008-03-31 13:23 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-03-31 13:23 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-03-31 13:22 . 2008-04-02 11:52 1,355 --a------ C:\WINDOWS\imsins.BAK
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 00:30 . 2008-03-28 00:30 244 --ah----- C:\sqmnoopt00.sqm
    2008-03-28 00:30 . 2008-03-28 00:30 232 --ah----- C:\sqmdata00.sqm
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-22 23:49 . 2008-03-29 16:32 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Phone Browser
    2008-03-22 23:49 . 2008-03-29 16:32 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Phone Browser
    2008-03-22 14:06 . 2008-02-22 03:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-03-17 17:51 . 2004-03-02 18:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
    2008-03-17 17:51 . 2004-03-02 18:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
    2008-03-17 15:27 . 2008-04-06 03:27 <REP> d-------- C:\Program Files\InternetProgram
    2008-03-12 16:18 . 2000-06-26 12:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
    2008-03-11 18:32 . 2008-04-06 14:11 116 --a------ C:\WINDOWS\NeroDigital.ini
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:19 . 2008-03-12 19:22 <REP> d-------- C:\Program Files\Fichiers communs\Nero
    2008-03-11 18:19 . 2008-03-12 19:22 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
    2008-03-11 18:07 . 2008-03-12 00:25 <REP> d-------- C:\Program Files\AskTBar
    2008-03-10 13:17 . 2007-12-07 04:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2008-03-10 13:17 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-03-10 13:17 . 2007-07-01 05:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-03-10 13:17 . 2007-12-07 04:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-03-10 13:17 . 2007-12-07 04:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-03-10 13:17 . 2007-12-07 04:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2008-03-10 13:17 . 2007-12-07 04:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2008-03-10 13:17 . 2007-12-07 04:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-03-10 13:17 . 2007-12-06 13:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-06 12:28 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-04-06 11:56 1,874,432 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
    2008-04-06 11:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2008-04-06 11:30 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-06 11:12 1,868,288 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
    2008-04-06 06:07 1,864,704 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
    2008-04-06 04:47 1,864,704 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2008-04-05 19:21 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    2008-04-05 19:03 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-04-05 13:13 90,112 ----a-w C:\WINDOWS\DUMP5c77.tmp
    2008-04-05 12:45 90,112 ----a-w C:\WINDOWS\DUMP6002.tmp
    2008-04-04 17:02 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
    2008-04-04 17:01 --------- d-----w C:\Program Files\Fichiers communs\Softwin
    2008-04-03 17:09 90,112 ----a-w C:\WINDOWS\DUMP5ae1.tmp
    2008-04-02 09:51 --------- d-----w C:\Program Files\Project64 1.6
    2008-04-02 09:42 --------- d-----w C:\Program Files\LimeWire
    2008-04-02 09:40 --------- d-----w C:\Program Files\Google
    2008-04-02 09:39 --------- d-----w C:\Program Files\eMule
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\ACD Systems
    2008-04-02 09:33 --------- d-----w C:\Program Files\Lavasoft
    2008-04-02 09:33 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-04-02 09:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2008-03-31 20:33 --------- d-----w C:\Program Files\MSN Messenger
    2008-03-31 20:26 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
    2008-03-28 22:03 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-22 12:06 --------- d-----w C:\Program Files\Java
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 00:23 166 ----a-w C:\Program Files\results.txt
    2008-03-19 11:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-19 11:54 --------- d-----w C:\Program Files\CyberLink
    2008-03-17 15:51 --------- d-----w C:\Program Files\Ahead
    2008-03-14 15:46 --------- d-----w C:\Program Files\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:21 9,856 ----a-w C:\WINDOWS\system32\drivers\pfc.sys
    2008-02-26 12:36 --------- d-----w C:\Program Files\iTunes
    2008-02-26 12:36 --------- d-----w C:\Program Files\iPod
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    2008-02-14 18:57 --------- d-----w C:\Program Files\QuickTime
    2008-02-09 10:08 --------- d-----w C:\Program Files\microsoft frontpage
    2008-02-08 12:31 --------- d-----w C:\Program Files\Avira
    2008-02-08 12:31 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:25 --------- d-----w C:\Program Files\3M
    2008-02-01 23:55 83,456 ----a-w C:\WINDOWS\system32\VACFix.exe
    2008-01-27 13:37 81,920 ----a-w C:\WINDOWS\system32\IEDFix.exe
    2006-05-25 08:11 144 ----a-w C:\Program Files\vssver.scc
    2006-05-17 13:25 10,419 ----a-w C:\Program Files\NAMES_SP.TXT
    2006-05-15 12:13 10,773 ----a-w C:\Program Files\NAMES_DU.TXT
    2006-05-15 10:26 10,804 ----a-w C:\Program Files\NAMES_IT.TXT
    2006-05-12 16:57 9,991 ----a-w C:\Program Files\NAMES_EN.TXT
    2006-05-12 16:57 11,352 ----a-w C:\Program Files\NAMES_GE.TXT
    2006-05-12 16:57 10,959 ----a-w C:\Program Files\NAMES_FR.TXT
    2006-05-12 16:57 10,959 ----a-w C:\Program Files\Names.txt
    2005-11-18 09:59 264,118 ----a-w C:\Program Files\oui_id.txt
    2005-11-14 11:17 1,421,403 ----a-w C:\Program Files\AegisE5.dll
    2004-11-10 08:17 86,016 ----a-w C:\Program Files\Installrt2500qa.dll
    2004-11-10 08:17 122 ----a-w C:\Program Files\filespecrt2500qa
    2004-07-22 16:45 116 ----a-w C:\Program Files\filespecrtrt2500USB
    2004-06-03 15:00 73,728 ----a-w C:\Program Files\Install2500USB.dll
    2004-02-27 09:04 45,056 ----a-w C:\Program Files\DEDriverDLL.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30}]
    2007-12-30 22:48 1019904 --a------ C:\Program Files\InternetProgram\InternetProgram-2.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15:00 15360]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
    "PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [ ]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [ ]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
    "EoFlip"="" []
    "EoEngine"="" []
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-08 14:33 249896]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [ ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
    "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-03-27 18:10 874064]
    "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-04-04 21:46 290816]
    "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 19:27 919016]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15:00 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 00:05:56 65588]
    Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-01-08 21:17:01 124912]
    Post-it© Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe [2004-10-15 15:26:54 2080768]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5900:TCP"= 5900:TCP:port vnc

    R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-03 23:00]
    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-04-03 16:15:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-06 14:32:42
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\sockspy.dll

    PROCESS: C:\WINDOWS\system32\lsass.exe
    -> C:\WINDOWS\system32\sockspy.dll
    .
    Temps d'accomplissement: 2008-04-06 14:35:09
    ComboFix-quarantined-files.txt 2008-04-06 12:34:58
    ComboFix2.txt 2008-04-05 19:53:23
    ComboFix3.txt 2008-04-02 11:43:50
    ComboFix4.txt 2008-02-06 16:32:57
    Pre-Run: 41,223,102,464 octets libres
    Post-Run: 41,273,999,360 octets libres
    .
    2008-03-12 23:36:33 --- E O F ---
    6 April 2008 20:43:59

    Uninstall InternetProgram.
    6 April 2008 21:51:05

    That's it, I uninstalled Intern... I no longer have the problem of the page "http:adrtgr........" opening, but my PC shuts down and restarts by itself, and my programs close, telling me that they have encountered problems.
    6 April 2008 22:11:55

    Run another ComboFix scan.
    6 April 2008 22:42:53

    ComboFix 08-04-01.2 - Propriétaire 2008-04-06 22:17:46.6 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.532 [GMT 2:00]
    Endroit: C:\Documents and Settings\Propriétaire.AMELBENT\Bureau\ComboFix.exe
    * Resident AV is active


    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-06 to 2008-04-06 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-06 00:16 . 2008-04-06 00:16 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MailFrontier
    2008-04-06 00:16 . 2008-04-06 00:16 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MailFrontier
    2008-04-06 00:16 . 2008-04-06 00:16 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MailFrontier
    2008-04-06 00:11 . 2008-04-06 21:36 4,390,880 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2008-04-06 00:11 . 2008-04-06 21:36 9,740 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2008-04-06 00:07 . 2008-04-06 03:26 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier
    2008-04-06 00:06 . 2008-04-06 22:01 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2008-04-06 00:05 . 2007-12-13 19:27 75,248 --a------ C:\WINDOWS\zllsputility.exe
    2008-04-06 00:05 . 2007-12-13 19:27 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
    2008-04-06 00:05 . 2007-12-13 19:27 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
    2008-04-06 00:05 . 2007-12-13 19:27 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
    2008-04-06 00:05 . 2007-12-13 19:27 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
    2008-04-06 00:05 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
    2008-04-06 00:03 . 2007-12-13 19:27 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
    2008-04-06 00:03 . 2008-04-06 21:44 360,555 --a------ C:\WINDOWS\system32\vsconfig.xml
    2008-04-04 19:12 . 2008-04-04 19:12 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Bitdefender
    2008-04-04 19:12 . 2008-04-04 19:12 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Bitdefender
    2008-04-04 19:12 . 2008-04-04 19:12 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Bitdefender
    2008-04-04 19:01 . 2008-04-04 19:01 <REP> d-------- C:\Program Files\Softwin
    2008-04-04 18:49 . 2008-04-04 18:49 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Simply Super Software
    2008-04-04 16:09 . 2008-03-29 19:23 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2008-04-04 16:09 . 2008-03-29 19:35 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2008-04-04 16:09 . 2008-01-17 17:34 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2008-04-04 16:09 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
    2008-04-04 16:09 . 2008-03-29 19:27 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2008-04-04 16:09 . 2008-03-29 19:26 26,944 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2008-04-04 16:09 . 2008-03-29 19:29 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2008-04-04 16:09 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
    2008-04-04 16:08 . 2008-03-29 19:45 1,146,232 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-04-04 16:08 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Program Files\CFWebAdvancedU
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-04-02 13:08 . 2008-04-02 13:08 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\CamfrogWEB
    2008-03-31 22:32 . 2008-04-02 11:52 <REP> d-------- C:\Program Files\Windows Live
    2008-03-31 19:45 . 2008-03-31 19:45 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Malwarebytes
    2008-03-31 19:41 . 2008-03-31 19:41 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-03-31 16:51 . 2008-03-31 16:51 <REP> d-------- C:\Program Files\RealVNC
    2008-03-31 16:03 . 2008-03-31 16:03 <REP> d-------- C:\Program Files\Trend Micro
    2008-03-31 13:23 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-03-31 13:23 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-03-31 13:22 . 2008-04-02 11:52 1,355 --a------ C:\WINDOWS\imsins.BAK
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-29 16:24 . 2008-03-29 16:24 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Snapfish
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 17:46 . 2008-03-28 17:46 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Deskbar_{CCF3B2DF-BC59-400d-B892-C02A87013B27}
    2008-03-28 00:30 . 2008-03-28 00:30 244 --ah----- C:\sqmnoopt00.sqm
    2008-03-28 00:30 . 2008-03-28 00:30 232 --ah----- C:\sqmdata00.sqm
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-23 16:22 . 2008-03-23 16:22 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\dvdcss
    2008-03-22 23:49 . 2008-03-29 16:32 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Phone Browser
    2008-03-22 23:49 . 2008-03-29 16:32 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Phone Browser
    2008-03-22 14:06 . 2008-02-22 03:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-03-17 17:51 . 2004-03-02 18:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
    2008-03-17 17:51 . 2004-03-02 18:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
    2008-03-12 16:18 . 2000-06-26 12:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
    2008-03-11 18:32 . 2008-04-06 14:11 116 --a------ C:\WINDOWS\NeroDigital.ini
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:27 . 2008-03-11 18:27 <REP> d-------- C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Nero
    2008-03-11 18:19 . 2008-03-12 19:22 <REP> d-------- C:\Program Files\Fichiers communs\Nero
    2008-03-11 18:19 . 2008-03-12 19:22 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
    2008-03-11 18:07 . 2008-03-12 00:25 <REP> d-------- C:\Program Files\AskTBar
    2008-03-10 13:17 . 2007-12-07 04:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2008-03-10 13:17 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-03-10 13:17 . 2007-07-01 05:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-03-10 13:17 . 2007-12-07 04:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-03-10 13:17 . 2007-12-07 04:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-03-10 13:17 . 2007-12-07 04:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2008-03-10 13:17 . 2007-12-07 04:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2008-03-10 13:17 . 2007-12-07 04:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-03-10 13:17 . 2007-12-06 13:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-06 20:24 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    2008-04-06 20:21 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    2008-04-06 19:42 48,128 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
    2008-04-06 19:42 1,903,104 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
    2008-04-06 19:36 125,952 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
    2008-04-06 18:17 137,216 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
    2008-04-06 18:04 1,182,208 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
    2008-04-06 18:04 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
    2008-04-06 11:56 1,874,432 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
    2008-04-06 11:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2008-04-06 11:30 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-06 11:12 1,868,288 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
    2008-04-06 06:07 1,864,704 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
    2008-04-06 04:47 1,864,704 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2008-04-05 19:03 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-04-05 13:13 90,112 ----a-w C:\WINDOWS\DUMP5c77.tmp
    2008-04-05 12:45 90,112 ----a-w C:\WINDOWS\DUMP6002.tmp
    2008-04-04 17:02 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
    2008-04-04 17:01 --------- d-----w C:\Program Files\Fichiers communs\Softwin
    2008-04-03 17:09 90,112 ----a-w C:\WINDOWS\DUMP5ae1.tmp
    2008-04-02 09:51 --------- d-----w C:\Program Files\Project64 1.6
    2008-04-02 09:42 --------- d-----w C:\Program Files\LimeWire
    2008-04-02 09:40 --------- d-----w C:\Program Files\Google
    2008-04-02 09:39 --------- d-----w C:\Program Files\eMule
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:39 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Desperate Housewives
    2008-04-02 09:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\ACD Systems
    2008-04-02 09:33 --------- d-----w C:\Program Files\Lavasoft
    2008-04-02 09:33 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-04-02 09:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2008-03-31 20:33 --------- d-----w C:\Program Files\MSN Messenger
    2008-03-31 20:26 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
    2008-03-28 22:03 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-27 21:08 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\LimeWire
    2008-03-22 12:06 --------- d-----w C:\Program Files\Java
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 19:12 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Apple Computer
    2008-03-20 00:23 166 ----a-w C:\Program Files\results.txt
    2008-03-19 11:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-19 11:54 --------- d-----w C:\Program Files\CyberLink
    2008-03-17 15:51 --------- d-----w C:\Program Files\Ahead
    2008-03-14 15:46 --------- d-----w C:\Program Files\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-14 15:44 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Azureus
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:17 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\TransRender
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-03-08 12:00 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Temporary
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 19:42 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\Simple Star
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:25 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ACD Systems
    2008-02-28 17:21 9,856 ----a-w C:\WINDOWS\system32\drivers\pfc.sys
    2008-02-26 12:36 --------- d-----w C:\Program Files\iTunes
    2008-02-26 12:36 --------- d-----w C:\Program Files\iPod
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-21 03:55 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\ConvertTemp
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\MSN6
    2008-02-20 12:46 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    2008-02-14 18:57 --------- d-----w C:\Program Files\QuickTime
    2008-02-09 10:08 --------- d-----w C:\Program Files\microsoft frontpage
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:26 --------- d-----w C:\Documents and Settings\Propriétaire.AMELBENT\Application Data\3M
    2008-02-08 11:25 --------- d-----w C:\Program Files\3M
    2008-02-01 23:55 83,456 ----a-w C:\WINDOWS\system32\VACFix.exe
    2008-01-27 13:37 81,920 ----a-w C:\WINDOWS\system32\IEDFix.exe
    2006-05-25 08:11 144 ----a-w C:\Program Files\vssver.scc
    2006-05-17 13:25 10,419 ----a-w C:\Program Files\NAMES_SP.TXT
    2006-05-15 12:13 10,773 ----a-w C:\Program Files\NAMES_DU.TXT
    2006-05-15 10:26 10,804 ----a-w C:\Program Files\NAMES_IT.TXT
    2006-05-12 16:57 9,991 ----a-w C:\Program Files\NAMES_EN.TXT
    2006-05-12 16:57 11,352 ----a-w C:\Program Files\NAMES_GE.TXT
    2006-05-12 16:57 10,959 ----a-w C:\Program Files\NAMES_FR.TXT
    2006-05-12 16:57 10,959 ----a-w C:\Program Files\Names.txt
    2005-11-18 09:59 264,118 ----a-w C:\Program Files\oui_id.txt
    2005-11-14 11:17 1,421,403 ----a-w C:\Program Files\AegisE5.dll
    2004-11-10 08:17 86,016 ----a-w C:\Program Files\Installrt2500qa.dll
    2004-11-10 08:17 122 ----a-w C:\Program Files\filespecrt2500qa
    2004-07-22 16:45 116 ----a-w C:\Program Files\filespecrtrt2500USB
    2004-06-03 15:00 73,728 ----a-w C:\Program Files\Install2500USB.dll
    2004-02-27 09:04 45,056 ----a-w C:\Program Files\DEDriverDLL.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15:00 15360]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
    "PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [ ]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [ ]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
    "EoFlip"="" []
    "EoEngine"="" []
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [ ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
    "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-04-04 21:46 290816]
    "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 19:27 919016]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15:00 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 00:05:56 65588]
    Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-01-08 21:17:01 124912]
    Post-it© Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe [2004-10-15 15:26:54 2080768]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5900:TCP"= 5900:TCP:port vnc

    R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-03 23:00]
    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]

    *Newly Created Service* - WINVNC4
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-04-03 16:15:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-06 22:28:05
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\sockspy.dll

    PROCESS: C:\WINDOWS\system32\lsass.exe
    -> C:\WINDOWS\system32\sockspy.dll
    .
    Temps d'accomplissement: 2008-04-06 22:31:55
    ComboFix-quarantined-files.txt 2008-04-06 20:31:31
    ComboFix2.txt 2008-04-06 12:35:12
    ComboFix3.txt 2008-04-05 19:53:23
    ComboFix4.txt 2008-04-02 11:43:50
    ComboFix5.txt 2008-02-06 16:32:57
    Pre-Run: 41,164,914,688 octets libres
    Post-Run: 41,178,071,040 octets libres
    .
    2008-03-12 23:36:33 --- E O F ---
    7 April 2008 12:57:34

    Are you still having problems?
    7 April 2008 14:24:01

    Yes, the computer shuts down by itself and restarts by itself. I sometimes get bugs at startup.
    7 April 2008 14:29:58

    What kind of bug?
    7 April 2008 14:34:41

    It tells me that Windows was not shut down properly, or it powers on and the screen does not come on; it even asked me for a password to open my session (although I have not enabled that option), and said that I have a problem in the system and that it has to be repaired with the installation CD...
    7 April 2008 14:40:22

    Do you have the Windows CD?
    7 April 2008 17:52:55

    Have you tried the repair?
    7 April 2008 21:03:15

    No, not yet, because it does not tell me that every time. It also displays "the system has recovered from a serious error".
    7 April 2008 21:48:43

    Yeah, but I think I will end up formatting it because this is annoying me too much. Thanks for your help, I will get back to you if there are problems.
    8 April 2008 12:18:04

    At least try the repair.
    9 April 2008 17:35:47

    I tried the repair but it reinstalled XP, and since then I have had lots of error problems such as "IRQL_NOT_LESS_OR_EQUAL", or "PAGE_FAULT_IN_NONPAGED_AREA", or "DRIVER_IRQL_NOT_LESS_OR_EQUAL", or "System32\Drivers\Ntfs.sys". That's not a good sign, is it?
    10 April 2008 18:08:27

    That is not a virus problem :/
    Is your Windows CD legal?
    10 April 2008 19:21:59

    Well no, it is a burned copy. And now my screen no longer turns on.
    11 April 2008 12:39:04

    Your installation CD, a pirated one, is corrupted.