
Trojan horse, help me, help my PC

Anonymous
10 February 2008 18:30:28

Hello everyone,
Background: 3 or 4 days ago, Virusscan (my antivirus) detected two Trojan horses. It deleted one, and the other cannot be deleted because it is in a file in C:\system\system32 named mhplinq.dll. Since then my PC has been incredibly slow, and it is almost impossible to launch anything related to Windows; Internet Explorer takes 10 minutes and even then it isn't done, Firefox takes a while but is usable. I plugged my hard drive into another PC and deleted this .dll file; my PC works much better since then, but it isn't over: from time to time Virusscan detects other Trojan horses in my temp folder, I reboot and it deletes them, but I get lots of ads (X-rated and others ...) and my PC is sluggish and Explorer crashes... Thanks for helping me, see you soon


Anonymous
10 February 2008 20:07:33

I ran a scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:00, on 10/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlservr.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Delux\PS2 Keyboard English Edition\keyboard.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Florian\LOCALS~1\Temp\Rar$EX01.250\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [20fffcb3] rundll32.exe "C:\WINDOWS\system32\oxevjcal.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\jeux\steam\steam.exe" -silent
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: PS2 Keyboard English Edition.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Sophos Enterprise Manager Scheduler (SEMScheduler) - Unknown owner - C:\Program Files\Sophos\SCC\schdsrvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: Sophos Agent - Unknown owner - C:\Program Files\Sophos\SCC\Remote Management System\ManagementAgentNT.exe (file missing)
O23 - Service: Sophos Certification Manager - Unknown owner - C:\Program Files\Sophos\SCC\CertificationManagerServiceNT.exe (file missing)
O23 - Service: Sophos EMLibUpdate Agent - Unknown owner - C:\Program Files\Sophos\SCC\Remote Management System\EMLibUpdateAgentNT.exe (file missing)
O23 - Service: Sophos Management Service - Unknown owner - C:\Program Files\Sophos\SCC\MgntSvc.exe (file missing)
O23 - Service: Sophos Message Router - Unknown owner - C:\Program Files\Sophos\SCC\Remote Management System\RouterNT.exe (file missing)

--
End of file - 6437 bytes
10 February 2008 20:14:56

Hi,

Download Combofix (by sUBs) to your Desktop.

Temporarily disable all resident protection! (Antivirus, antispyware...)
Double-click combofix.exe.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post this report in your next reply.

The report is located here: C:\Combofix.txt
Anonymous
10 February 2008 20:37:58

@XmichouX thanks for your help, here is the report:

ComboFix 08-02.05.3 - Florian 2008-02-10 20:27:52.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1028 [GMT 1:00]
Endroit: C:\Dl\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\vtstq.dll
C:\WINDOWS\system32\xxyaabc.dll
C:\WINDOWS\system32\feqdlaps.ini
C:\WINDOWS\system32\ihkmp.ini
C:\WINDOWS\system32\ihkmp.ini2
C:\WINDOWS\system32\khumsqld.dll
C:\WINDOWS\system32\lacjvexo.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mhpslinq.dllbox
C:\WINDOWS\system32\oxevjcal.dll
C:\WINDOWS\system32\qtstv.ini
C:\WINDOWS\system32\qtstv.ini2
C:\WINDOWS\system32\revbpttg.dll
C:\WINDOWS\system32\spaldqef.dll
C:\WINDOWS\system32\tuvvvss.dll
C:\WINDOWS\system32\vtstq.dll
C:\WINDOWS\system32\vyhrrklm.dll
C:\WINDOWS\system32\xxyaabc.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-10 to 2008-02-10 ))))))))))))))))))))))))))))))))))))
.

2008-02-09 22:09 . 2008-02-09 22:09 92 --a------ C:\WINDOWS\wininit.ini
2008-02-09 00:47 . 2008-02-09 22:16 594 ---hs---- C:\WINDOWS\system32\wkqyjhvn.ini
2008-02-08 23:04 . 2008-02-08 23:04 <REP> d-------- C:\Program Files\Fichiers communs\Sophos
2008-02-08 23:04 . 2008-02-08 23:04 <REP> d-------- C:\Program Files\Fichiers communs\Crystal Decisions
2008-02-08 23:04 . 2008-02-08 23:04 <REP> d-------- C:\Program Files\Crystal Decisions
2008-02-08 23:02 . 2002-12-17 16:23 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll
2008-02-08 23:02 . 2002-10-20 14:05 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll
2008-02-08 22:59 . 2008-02-08 22:59 <REP> d-------- C:\Program Files\Microsoft SQL Server
2008-02-08 13:24 . 2008-02-09 22:23 <REP> d-------- C:\quarantine
2008-02-06 15:14 . 2008-02-06 15:15 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-02-05 23:03 . 2008-02-05 23:03 <REP> d-------- C:\Program Files\Guitar Pro 4
2008-02-05 22:58 . 2008-02-10 20:33 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-05 22:58 . 2004-08-30 21:00 1,441,792 --a------ C:\WINDOWS\system32\WinPrint.exe
2008-02-05 22:58 . 2008-02-05 22:59 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-02-05 20:53 . 2008-02-05 20:53 <REP> d-------- C:\Program Files\Audacity
2008-02-03 21:46 . 2008-02-05 19:54 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-02-02 11:14 . 2008-02-02 11:14 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-02-02 10:58 . 2008-02-02 10:58 <REP> d-------- C:\Program Files\Alcohol Soft
2008-02-02 10:58 . 2004-04-30 09:37 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2008-02-02 10:58 . 2004-04-30 09:33 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2008-01-31 23:03 . 2003-06-12 23:25 7,062 --a------ C:\WINDOWS\system32\audiopid.vxd
2008-01-31 23:02 . 2008-02-02 18:54 <REP> d-------- C:\Program Files\Creative
2008-01-31 23:02 . 2000-05-22 09:58 647,872 --------- C:\WINDOWS\system32\Mscomct2.ocx
2008-01-31 23:02 . 1999-10-10 18:00 41,984 --------- C:\WINDOWS\Ctregrun.exe
2008-01-31 22:58 . 2008-01-31 22:58 <REP> d-------- C:\Program Files\Mobiola Web Camera for S60 3Ed
2008-01-31 22:58 . 2006-11-01 18:45 219,264 --a------ C:\WINDOWS\system32\drivers\BTCamDrv.sys
2008-01-31 18:50 . 2008-01-31 18:50 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Subversion
2008-01-31 18:49 . 2008-01-31 18:49 <REP> d-------- C:\Program Files\TortoiseSVN
2008-01-30 14:01 . 2008-01-30 14:01 <REP> d-------- C:\Program Files\vanBasco's Karaoke Player
2008-01-29 23:30 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-29 23:30 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-29 21:41 . 2008-01-29 21:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-01-29 21:40 . 2008-01-29 21:40 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-01-29 21:02 . 2008-01-29 21:02 <REP> d-------- C:\Program Files\ma-config.com
2008-01-29 21:02 . 2008-01-29 21:05 <REP> d-------- C:\Documents and Settings\Florian\Application Data\ma-config.com
2008-01-29 20:28 . 2008-01-29 20:28 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-01-29 20:02 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-01-29 20:00 . 2008-01-29 20:00 <REP> d-------- C:\Program Files\MSXML 4.0
2008-01-29 19:58 . 2008-01-29 19:58 <REP> d-------- C:\Program Files\MSXML 6.0
2008-01-29 19:55 . 2008-01-29 19:55 <REP> d-------- C:\Program Files\MSBuild
2008-01-29 19:52 . 2008-01-29 19:52 <REP> d-------- C:\WINDOWS\system32\XPSViewer
2008-01-29 19:51 . 2008-01-29 19:51 <REP> d-------- C:\Program Files\Reference Assemblies
2008-01-29 19:50 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-01-29 19:49 . 2008-01-29 19:49 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-29 19:49 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-01-29 19:49 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-01-29 19:49 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-01-29 19:47 . 2008-01-29 20:42 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-29 19:47 . 2008-01-29 20:05 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-01-29 19:47 . 2008-01-29 19:48 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-01-29 19:45 . 2008-02-10 20:25 <REP> d-------- C:\Dl
2008-01-29 19:44 . 2006-08-21 10:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-01-29 19:44 . 2006-08-21 10:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-01-29 19:44 . 2006-08-21 13:26 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-01-29 19:37 . 2008-01-29 19:37 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-01-29 19:35 . 2008-01-29 19:35 1,167 --a------ C:\WINDOWS\mozver.dat
2008-01-29 19:33 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-29 19:16 . 2008-01-29 19:16 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Talkback
2008-01-29 19:15 . 2008-01-29 23:32 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-01-29 19:15 . 2008-01-29 19:15 0 --a------ C:\WINDOWS\nsreg.dat
2008-01-29 19:14 . 2008-01-29 19:14 <REP> d--hs---- C:\Documents and Settings\Florian\UserData
2008-01-29 18:40 . 2008-01-29 18:40 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-29 18:40 . 2008-01-29 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-29 18:40 . 2008-01-29 18:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-29 18:39 . 2008-01-29 18:39 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-29 18:39 . 2008-01-29 18:39 <REP> d-------- C:\Documents and Settings\Florian\Contacts
2008-01-29 18:38 . 2008-01-29 18:38 <REP> d-------- C:\Program Files\CCleaner
2008-01-29 18:36 . 2008-01-29 18:39 <REP> d-------- C:\Program Files\Windows Live
2008-01-29 18:36 . 2008-01-29 18:39 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-29 18:36 . 2008-01-29 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-29 18:35 . 2008-01-29 18:40 <REP> d-------- C:\Program Files\MSN Messenger
2008-01-29 18:32 . 2008-02-10 17:06 512 --a------ C:\WINDOWS\randseed.rnd
2008-01-27 20:41 . 2008-01-27 20:41 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Nokia Multimedia Player
2008-01-27 20:37 . 2008-01-28 22:34 <REP> d-------- C:\Documents and Settings\Florian\Phone Browser
2008-01-27 20:37 . 2008-01-27 20:37 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Nokia
2008-01-27 20:37 . 2008-01-27 20:37 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Datalayer
2008-01-27 20:34 . 2008-01-29 21:07 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Program Files\DIFX
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Documents and Settings\Florian\Application Data\PC Suite
2008-01-27 20:34 . 2008-01-27 20:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-01-27 20:34 . 2006-05-29 08:26 127,488 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-01-27 20:34 . 2006-05-29 08:26 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-01-27 20:34 . 2006-05-29 08:26 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-01-27 20:34 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-01-27 20:34 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-01-27 20:34 . 2006-05-29 08:26 8,704 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-01-27 20:34 . 2006-05-29 08:26 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2008-01-27 20:33 . 2008-02-05 23:03 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-01-27 20:33 . 2008-01-27 20:35 <REP> d-------- C:\Program Files\Nokia
2008-01-27 20:33 . 2008-01-27 20:34 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-01-26 11:49 . 2008-01-26 11:49 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-01-25 22:24 . 2008-02-03 23:49 <REP> d-------- C:\Documents and Settings\Florian\Application Data\dvdcss
2008-01-25 21:57 . 2008-01-25 21:57 <REP> d-------- C:\Documents and Settings\Florian\Application Data\vlc
2008-01-25 14:29 . 2008-01-29 18:30 <REP> d-------- C:\Program Files\DartyBox Wifi
2008-01-25 14:29 . 2008-01-25 14:29 <REP> d-------- C:\Documents and Settings\Florian\Application Data\InstallShield
2008-01-25 14:29 . 2007-01-16 13:52 450,560 --a------ C:\WINDOWS\system32\drivers\WlanBZXP.sys
2008-01-25 14:29 . 2007-01-16 13:52 102,400 --a------ C:\WINDOWS\system32\W32N55.DLL
2008-01-25 14:29 . 2007-01-16 13:52 20,608 --a------ C:\WINDOWS\system32\drivers\BRGSp50.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-02 10:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-29 20:41 --------- d-----w C:\Documents and Settings\Florian\Application Data\ATI
2008-01-29 20:34 --------- d-----w C:\Program Files\ATI Technologies
2008-01-23 22:42 --------- d-----w C:\Program Files\Delux
2008-01-23 22:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-23 22:18 --------- d-----w C:\Program Files\Fichiers communs\ATI Technologies
2008-01-23 22:10 --------- d-----w C:\Program Files\ASUS
2008-01-23 22:10 --------- d-----w C:\Program Files\AMD
2008-01-23 22:09 --------- d-----w C:\Program Files\Analog Devices
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\Florian\Application Data\fretsonfire
2008-01-23 21:30 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-23 21:28 --------- d-----w C:\Program Files\Services en ligne
2008-01-23 21:28 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2008-01-23 21:23 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-23 21:23 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseSVN]
@={30351346-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseSVN]
@={30351347-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseSVN]
@={30351348-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseSVN]
@={3035134B-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseSVN]
@={3035134C-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseSVN]
@={3035134D-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseSVN]
@={3035134E-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_CLASSES_ROOT\CLSID\{30351346-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351347-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351348-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134B-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134C-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134D-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134E-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Steam"="c:\jeux\steam\steam.exe" [2008-01-30 12:31 1266936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 15:21 61952 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11 925696]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 15:35 716800]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2004-09-22 20:00 94208]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 03:50 139320]
"Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" [2003-10-07 09:48 147514]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinPrint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mhpslinq]
mhpslinq.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
backup=C:\WINDOWS\pss\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Florian^Menu Démarrer^Programmes^Démarrage^eMule Turbo Accelerator.lnk]
path=C:\Documents and Settings\Florian\Menu Démarrer\Programmes\Démarrage\eMule Turbo Accelerator.lnk
backup=C:\WINDOWS\pss\eMule Turbo Accelerator.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L'Assistant DartyBox]
--a------ 2007-06-05 21:15 151552 C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
--a------ 2006-11-28 01:12 2658304 C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

R2 MSSQL$SOPHOS;MSSQL$SOPHOS;C:\Program Files\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlservr.exe [2002-12-17 17:26]
R3 BTCAMDRV;Mobiola Web Camera driver;C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys [2006-11-01 18:45]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 23:45]
S2 SEMScheduler;Sophos Enterprise Manager Scheduler;"C:\Program Files\Sophos\SCC\schdsrvc.exe" []
S2 Sophos Certification Manager;Sophos Certification Manager;"C:\Program Files\Sophos\SCC\CertificationManagerServiceNT.exe" -background []
S2 Sophos EMLibUpdate Agent;Sophos EMLibUpdate Agent;"C:\Program Files\Sophos\SCC\Remote Management System\EMLibUpdateAgentNT.exe" -service []
S2 Sophos Management Service;Sophos Management Service;"C:\Program Files\Sophos\SCC\MgntSvc.exe" []
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-16 13:52]
S3 SQLAgent$SOPHOS;SQLAgent$SOPHOS;C:\Program Files\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlagent.EXE [2002-12-17 17:23]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-10 20:33:10
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sophos Message Router]
"ImagePath"="\"C:\Program Files\Sophos\SCC\Remote Management System\RouterNT.exe\" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Delux\PS2 Keyboard English Edition\keyboard.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-10 20:35:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-10 19:35:51
.
2008-01-30 23:36:36 --- E O F ---

@chrisnvidia thanks too for the software, I'll take a look at it.
10 February 2008 22:00:38

ChrisNvidia, you have already been warned to stop this kind of post!!

Copy the text in the box below:

File::
C:\WINDOWS\system32\mhpslinq.dll
C:\WINDOWS\nsreg.dat
C:\WINDOWS\system32\WinPrint.exe
C:\WINDOWS\system32\rar.exe
C:\WINDOWS\system32\wkqyjhvn.ini

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mhpslinq]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"=-


Open Notepad, then paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file under the name CFScript.txt.

Now drag the CFScript.txt file onto Combofix.exe as shown below:


This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
If there is no reboot, post the reports anyway.

+++++++++++++++++++++

Have this file analyzed on this site >> Virustotal <<

Click Browse at the top, choose My Computer and look for this file: C:\WINDOWS\ativpsrm.bin
Now click Send file.
Post the report (from Fichier *** reçu le *** up to SHA1 : ***)

Anonymous
10 February 2008 22:09:05

Report 1
ComboFix 08-02.05.3 - Florian 2008-02-10 22:05:27.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1097 [GMT 1:00]
Endroit: C:\Dl\ComboFix.exe
Command switches used :: C:\Dl\CFScript.txt.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE
C:\WINDOWS\nsreg.dat
C:\WINDOWS\system32\mhpslinq.dll
C:\WINDOWS\system32\rar.exe
C:\WINDOWS\system32\WinPrint.exe
C:\WINDOWS\system32\wkqyjhvn.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\nsreg.dat
C:\WINDOWS\system32\rar.exe
C:\WINDOWS\system32\WinPrint.exe
C:\WINDOWS\system32\wkqyjhvn.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-10 to 2008-02-10 ))))))))))))))))))))))))))))))))))))
.

2008-02-10 20:26 . 2004-08-19 16:09 400,896 --a------ C:\kmd.exe
2008-02-09 22:09 . 2008-02-09 22:09 92 --a------ C:\WINDOWS\wininit.ini
2008-02-08 23:04 . 2008-02-08 23:04 <REP> d-------- C:\Program Files\Fichiers communs\Sophos
2008-02-08 23:04 . 2008-02-08 23:04 <REP> d-------- C:\Program Files\Fichiers communs\Crystal Decisions
2008-02-08 23:04 . 2008-02-08 23:04 <REP> d-------- C:\Program Files\Crystal Decisions
2008-02-08 23:02 . 2002-12-17 16:23 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll
2008-02-08 23:02 . 2002-10-20 14:05 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll
2008-02-08 22:59 . 2008-02-08 22:59 <REP> d-------- C:\Program Files\Microsoft SQL Server
2008-02-08 13:24 . 2008-02-09 22:23 <REP> d-------- C:\quarantine
2008-02-06 15:14 . 2008-02-06 15:15 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-02-05 23:03 . 2008-02-05 23:03 <REP> d-------- C:\Program Files\Guitar Pro 4
2008-02-05 22:58 . 2008-02-10 20:33 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-05 20:53 . 2008-02-05 20:53 <REP> d-------- C:\Program Files\Audacity
2008-02-03 21:46 . 2008-02-05 19:54 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-02-02 11:14 . 2008-02-02 11:14 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-02-02 10:58 . 2008-02-02 10:58 <REP> d-------- C:\Program Files\Alcohol Soft
2008-02-02 10:58 . 2004-04-30 09:37 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2008-02-02 10:58 . 2004-04-30 09:33 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2008-01-31 23:03 . 2003-06-12 23:25 7,062 --a------ C:\WINDOWS\system32\audiopid.vxd
2008-01-31 23:02 . 2008-02-02 18:54 <REP> d-------- C:\Program Files\Creative
2008-01-31 23:02 . 2000-05-22 09:58 647,872 --------- C:\WINDOWS\system32\Mscomct2.ocx
2008-01-31 23:02 . 1999-10-10 18:00 41,984 --------- C:\WINDOWS\Ctregrun.exe
2008-01-31 22:58 . 2008-01-31 22:58 <REP> d-------- C:\Program Files\Mobiola Web Camera for S60 3Ed
2008-01-31 22:58 . 2006-11-01 18:45 219,264 --a------ C:\WINDOWS\system32\drivers\BTCamDrv.sys
2008-01-31 18:50 . 2008-01-31 18:50 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Subversion
2008-01-31 18:49 . 2008-01-31 18:49 <REP> d-------- C:\Program Files\TortoiseSVN
2008-01-30 14:01 . 2008-01-30 14:01 <REP> d-------- C:\Program Files\vanBasco's Karaoke Player
2008-01-29 23:30 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-29 23:30 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-29 21:41 . 2008-01-29 21:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-01-29 21:40 . 2008-01-29 21:40 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-01-29 21:02 . 2008-01-29 21:02 <REP> d-------- C:\Program Files\ma-config.com
2008-01-29 21:02 . 2008-01-29 21:05 <REP> d-------- C:\Documents and Settings\Florian\Application Data\ma-config.com
2008-01-29 20:28 . 2008-01-29 20:28 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-01-29 20:02 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-01-29 20:00 . 2008-01-29 20:00 <REP> d-------- C:\Program Files\MSXML 4.0
2008-01-29 19:58 . 2008-01-29 19:58 <REP> d-------- C:\Program Files\MSXML 6.0
2008-01-29 19:55 . 2008-01-29 19:55 <REP> d-------- C:\Program Files\MSBuild
2008-01-29 19:52 . 2008-01-29 19:52 <REP> d-------- C:\WINDOWS\system32\XPSViewer
2008-01-29 19:51 . 2008-01-29 19:51 <REP> d-------- C:\Program Files\Reference Assemblies
2008-01-29 19:50 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-01-29 19:49 . 2008-01-29 19:49 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-29 19:49 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-01-29 19:49 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-01-29 19:49 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-01-29 19:47 . 2008-01-29 20:42 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-29 19:47 . 2008-01-29 20:05 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-01-29 19:47 . 2008-01-29 19:48 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-01-29 19:45 . 2008-02-10 22:05 <REP> d-------- C:\Dl
2008-01-29 19:44 . 2006-08-21 10:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-01-29 19:44 . 2006-08-21 10:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-01-29 19:44 . 2006-08-21 13:26 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-01-29 19:37 . 2008-01-29 19:37 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-01-29 19:35 . 2008-01-29 19:35 1,167 --a------ C:\WINDOWS\mozver.dat
2008-01-29 19:33 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-29 19:16 . 2008-01-29 19:16 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Talkback
2008-01-29 19:15 . 2008-01-29 23:32 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-01-29 19:14 . 2008-01-29 19:14 <REP> d--hs---- C:\Documents and Settings\Florian\UserData
2008-01-29 18:40 . 2008-01-29 18:40 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-01-29 18:40 . 2008-01-29 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-29 18:40 . 2008-01-29 18:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-29 18:39 . 2008-01-29 18:39 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-29 18:39 . 2008-01-29 18:39 <REP> d-------- C:\Documents and Settings\Florian\Contacts
2008-01-29 18:38 . 2008-01-29 18:38 <REP> d-------- C:\Program Files\CCleaner
2008-01-29 18:36 . 2008-01-29 18:39 <REP> d-------- C:\Program Files\Windows Live
2008-01-29 18:36 . 2008-01-29 18:39 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-29 18:36 . 2008-01-29 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-29 18:35 . 2008-01-29 18:40 <REP> d-------- C:\Program Files\MSN Messenger
2008-01-29 18:32 . 2008-02-10 17:06 512 --a------ C:\WINDOWS\randseed.rnd
2008-01-27 20:41 . 2008-01-27 20:41 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Nokia Multimedia Player
2008-01-27 20:37 . 2008-01-28 22:34 <REP> d-------- C:\Documents and Settings\Florian\Phone Browser
2008-01-27 20:37 . 2008-01-27 20:37 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Nokia
2008-01-27 20:37 . 2008-01-27 20:37 <REP> d-------- C:\Documents and Settings\Florian\Application Data\Datalayer
2008-01-27 20:34 . 2008-01-29 21:07 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Program Files\DIFX
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Documents and Settings\Florian\Application Data\PC Suite
2008-01-27 20:34 . 2008-01-27 20:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-01-27 20:34 . 2008-01-27 20:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-01-27 20:34 . 2006-05-29 08:26 127,488 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-01-27 20:34 . 2006-05-29 08:26 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-01-27 20:34 . 2006-05-29 08:26 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-01-27 20:34 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-01-27 20:34 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-01-27 20:34 . 2006-05-29 08:26 8,704 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-01-27 20:34 . 2006-05-29 08:26 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2008-01-27 20:33 . 2008-02-05 23:03 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-01-27 20:33 . 2008-01-27 20:35 <REP> d-------- C:\Program Files\Nokia
2008-01-27 20:33 . 2008-01-27 20:34 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-01-26 11:49 . 2008-01-26 11:49 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-01-25 22:24 . 2008-02-03 23:49 <REP> d-------- C:\Documents and Settings\Florian\Application Data\dvdcss
2008-01-25 21:57 . 2008-01-25 21:57 <REP> d-------- C:\Documents and Settings\Florian\Application Data\vlc
2008-01-25 14:29 . 2008-01-29 18:30 <REP> d-------- C:\Program Files\DartyBox Wifi
2008-01-25 14:29 . 2008-01-25 14:29 <REP> d-------- C:\Documents and Settings\Florian\Application Data\InstallShield
2008-01-25 14:29 . 2007-01-16 13:52 450,560 --a------ C:\WINDOWS\system32\drivers\WlanBZXP.sys
2008-01-25 14:29 . 2007-01-16 13:52 102,400 --a------ C:\WINDOWS\system32\W32N55.DLL
2008-01-25 14:29 . 2007-01-16 13:52 20,608 --a------ C:\WINDOWS\system32\drivers\BRGSp50.sys
2008-01-25 14:29 . 2007-01-16 13:52 17,664 --a------ C:\WINDOWS\system32\drivers\ZDPSp50.sys
2008-01-25 14:29 . 2007-01-16 13:52 1,162 --a------ C:\WINDOWS\system32\W32N55.INI
2008-01-25 14:27 . 2008-01-25 14:28 <REP> d-------- C:\Program Files\Assistant Dartybox

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 22:32 40,448 ----a-w C:\WINDOWS\system32\NTSpool.exe
2008-02-02 10:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-29 20:41 --------- d-----w C:\Documents and Settings\Florian\Application Data\ATI
2008-01-29 20:34 --------- d-----w C:\Program Files\ATI Technologies
2008-01-23 22:42 --------- d-----w C:\Program Files\Delux
2008-01-23 22:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-23 22:18 --------- d-----w C:\Program Files\Fichiers communs\ATI Technologies
2008-01-23 22:10 --------- d-----w C:\Program Files\ASUS
2008-01-23 22:10 --------- d-----w C:\Program Files\AMD
2008-01-23 22:09 --------- d-----w C:\Program Files\Analog Devices
2008-01-23 21:40 --------- d-----w C:\Documents and Settings\Florian\Application Data\fretsonfire
2008-01-23 21:30 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-23 21:28 --------- d-----w C:\Program Files\Services en ligne
2008-01-23 21:28 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2008-01-23 21:23 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-23 21:23 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:36 1,661,696 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:20 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-12-21 02:20 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-12-21 02:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseSVN]
@={30351346-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseSVN]
@={30351347-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseSVN]
@={30351348-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseSVN]
@={3035134B-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseSVN]
@={3035134C-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseSVN]
@={3035134D-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseSVN]
@={3035134E-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_CLASSES_ROOT\CLSID\{30351346-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351347-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351348-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134B-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134C-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134D-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134E-7B7D-4FCC-81B4-1E394CA267EB}]
2008-01-05 14:03 536576 --a------ C:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Steam"="c:\jeux\steam\steam.exe" [2008-01-30 12:31 1266936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 15:21 61952 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11 925696]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 15:35 716800]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2004-09-22 20:00 94208]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 03:50 139320]
"Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" [2003-10-07 09:48 147514]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
PS2 Keyboard English Edition.lnk - C:\Program Files\Delux\PS2 Keyboard English Edition\keyboard.exe [2008-01-23 23:42:06 245760]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 17:23:32 74308]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
backup=C:\WINDOWS\pss\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Florian^Menu Démarrer^Programmes^Démarrage^eMule Turbo Accelerator.lnk]
path=C:\Documents and Settings\Florian\Menu Démarrer\Programmes\Démarrage\eMule Turbo Accelerator.lnk
backup=C:\WINDOWS\pss\eMule Turbo Accelerator.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L'Assistant DartyBox]
--a------ 2007-06-05 21:15 151552 C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
--a------ 2006-11-28 01:12 2658304 C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

R2 MSSQL$SOPHOS;MSSQL$SOPHOS;C:\Program Files\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlservr.exe [2002-12-17 17:26]
R3 BTCAMDRV;Mobiola Web Camera driver;C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys [2006-11-01 18:45]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-16 13:52]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 23:45]
S2 SEMScheduler;Sophos Enterprise Manager Scheduler;"C:\Program Files\Sophos\SCC\schdsrvc.exe" []
S2 Sophos Certification Manager;Sophos Certification Manager;"C:\Program Files\Sophos\SCC\CertificationManagerServiceNT.exe" -background []
S2 Sophos EMLibUpdate Agent;Sophos EMLibUpdate Agent;"C:\Program Files\Sophos\SCC\Remote Management System\EMLibUpdateAgentNT.exe" -service []
S2 Sophos Management Service;Sophos Management Service;"C:\Program Files\Sophos\SCC\MgntSvc.exe" []
S3 SQLAgent$SOPHOS;SQLAgent$SOPHOS;C:\Program Files\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlagent.EXE [2002-12-17 17:23]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-10 22:06:31
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sophos Message Router]
"ImagePath"="\"C:\Program Files\Sophos\SCC\Remote Management System\RouterNT.exe\" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194"
.
Temps d'accomplissement: 2008-02-10 22:07:01
ComboFix-quarantined-files.txt 2008-02-10 21:06:53
ComboFix2.txt 2008-02-10 19:35:55
.
2008-01-30 23:36:36 --- E O F ---


++++++++++++++++++++++++++++++++

However, on the VirusTotal site, this is what it tells me when I click send: 0 bytes size received / Se ha recibido un archivo vacio.

Thanks
10 February 2008 22:16:04

Can you try once more? :p
Otherwise, repost a HijackThis log.
Anonymous
10 February 2008 23:08:49

No luck, your site refuses with both Internet Explorer and Firefox.

Report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:08:41, on 10/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$SOPHOS\Binn\sqlservr.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Delux\PS2 Keyboard English Edition\keyboard.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\jeux\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: PS2 Keyboard English Edition.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Sophos Enterprise Manager Scheduler (SEMScheduler) - Unknown owner - C:\Program Files\Sophos\SCC\schdsrvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: Sophos Agent - Unknown owner - C:\Program Files\Sophos\SCC\Remote Management System\ManagementAgentNT.exe (file missing)
O23 - Service: Sophos Certification Manager - Unknown owner - C:\Program Files\Sophos\SCC\CertificationManagerServiceNT.exe (file missing)
O23 - Service: Sophos EMLibUpdate Agent - Unknown owner - C:\Program Files\Sophos\SCC\Remote Management System\EMLibUpdateAgentNT.exe (file missing)
O23 - Service: Sophos Management Service - Unknown owner - C:\Program Files\Sophos\SCC\MgntSvc.exe (file missing)
O23 - Service: Sophos Message Router - Unknown owner - C:\Program Files\Sophos\SCC\Remote Management System\RouterNT.exe (file missing)

--
End of file - 6362 bytes
10 February 2008 23:20:31

OK, never mind. Still having problems?

Download to your desktop: Clean (by Malekal) >Tutorial<
Unzip it on your desktop. Double-click the clean folder.
Double-click clean.cmd (the cmd extension may not be shown). This will open a black window.
A menu will appear; choose option 1, then press Enter. Then press a key when asked and post the report here.
The report is located here: C:\rapport_clean.txt

If you get a file C:\upload_moi.zip, please do this.
Anonymous
11 February 2008 00:13:52

OK, I'll do that tomorrow because it's late now; in any case, thanks a lot for your help, my PC is doing better all the same ;).