Infected PC, help!!!!!

Tags:
  • Internet Explorer
  • Security
Last reply: in Security and viruses
14 January 2008 19:07:24

Hello everyone and happy new year!!!
So, my PC is crawling like crazy; I suppose it must be infected to the core....
Here is my HJT log, I hope someone can help me...
Thanks in advance!!!!

Logfile of HijackThis v1.99.1
Scan saved at 19:03:37, on 14/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\MANETT~1\Common\SWTrayV4.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\WlanCU.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sebastien\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {0D46FB99-84E0-4A6A-82A6-F512C2163E09} - C:\WINDOWS\System32\yaywtts.dll (file missing)
O2 - BHO: {6a002693-7882-6ad9-b2f4-c8b33177e344} - {443e7713-3b8c-4f2b-9da6-2887396200a6} - C:\WINDOWS\System32\cklefqrs.dll
O2 - BHO: (no name) - {5DDCE926-E487-474E-9588-2CD677F8A2FB} - C:\WINDOWS\System32\mljge.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {76A91A9D-1F7C-4FBE-A20A-BC5B05250A53} - C:\WINDOWS\System32\ssqrr.dll (file missing)
O2 - BHO: (no name) - {B9E85D85-F6EE-4655-A639-E33983612A6E} - C:\WINDOWS\System32\vtutrsr.dll
O2 - BHO: (no name) - {E0235A6C-E969-48DF-96F9-6CD20287AFF4} - C:\WINDOWS\System32\vtstt.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] g:\MANETT~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ujcdmjgp] rundll32.exe "C:\Program Files\ujcdmjgp\shanynoh.dll",Init
O4 - HKLM\..\Run: [cjefahqz] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\cjefahqz.dll"
O4 - HKLM\..\Run: [d0fc5205] rundll32.exe "C:\WINDOWS\System32\wnntocta.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: TribalWeb.lnk = C:\Program Files\troud'balweb\tribalweb.exe
O4 - Startup: TribalWeb.net.lnk = ?
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Logiciel de la Souris Labtec 2.0.lnk = C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe
O4 - Global Startup: 802.11g Wireless Adatper.lnk = C:\Program Files\NOBRAND\802.11 Wireless Adatper\Monitor.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Wireless Configuration Utility HW.32.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: mljge - C:\WINDOWS\System32\mljge.dll (file missing)
O20 - Winlogon Notify: ssqrr - C:\WINDOWS\System32\ssqrr.dll (file missing)
O20 - Winlogon Notify: vtutrsr - C:\WINDOWS\SYSTEM32\vtutrsr.dll
O20 - Winlogon Notify: winpnq32 - winpnq32.dll (file missing)
O20 - Winlogon Notify: yayvsqp - yayvsqp.dll (file missing)
O20 - Winlogon Notify: yaywtts - yaywtts.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe

14 January 2008 20:01:07

Hello,

Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt announcing that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply
    Note: VundoFix may encounter a file it cannot delete. If so, the tool will run at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".

14 January 2008 20:37:56

Thanks, I did what you told me. Here is the Vundofix report:


    VundoFix V6.7.7

    Checking Java version...

    Java version is 1.4.2.6
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.5
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.6
    Old versions of java are exploitable and should be removed.

    Scan started at 20:08:44 14/01/2008

    Listing files found while scanning....

    C:\WINDOWS\system32\akjvnrks.dll
    C:\WINDOWS\system32\awtsq.dll
    C:\WINDOWS\system32\awvtt.dll
    C:\WINDOWS\system32\bartpcsp.exe
    C:\WINDOWS\system32\bfdjqobo.dll
    C:\WINDOWS\system32\cbxyxyw.dll
    C:\WINDOWS\system32\cklefqrs.dll
    C:\WINDOWS\system32\ddccy.dll
    C:\windows\system32\drvdulr.dll
    C:\WINDOWS\System32\egjlm.bak1
    C:\WINDOWS\System32\egjlm.bak2
    C:\WINDOWS\System32\egjlm.ini
    C:\WINDOWS\system32\fhvvqxej.exe
    C:\WINDOWS\system32\fusxusgk.exe
    C:\WINDOWS\system32\grvbtnfs.exe
    C:\WINDOWS\system32\hxnsceat.exe
    C:\WINDOWS\system32\jbnibvvy.dll
    C:\WINDOWS\system32\jemtlcqr.dll
    C:\WINDOWS\system32\jxsopead.dll
    C:\WINDOWS\system32\mcvvsxhp.exe
    C:\WINDOWS\System32\mljge.dll
    C:\WINDOWS\system32\nscqyeno.exe
    C:\WINDOWS\system32\ognbmdvp.exe
    C:\WINDOWS\system32\pdkqhmkm.dll
    C:\WINDOWS\system32\pimeeyan.dll
    C:\WINDOWS\system32\pmjurtil.dll
    C:\WINDOWS\system32\qlgjlbta.exe
    C:\WINDOWS\system32\rpojhyvo.exe
    C:\WINDOWS\system32\spwfeypv.exe
    C:\WINDOWS\System32\ssqrr.dll
    C:\WINDOWS\system32\ssttq.dll
    C:\WINDOWS\system32\tlgaprgm.dll
    C:\WINDOWS\system32\ucgubqwi.dll
    C:\WINDOWS\system32\uhmrafrk.exe
    C:\WINDOWS\system32\weeagthi.exe
    C:\WINDOWS\system32\wnntocta.dll
    C:\WINDOWS\system32\wyouwnvy.exe
    C:\WINDOWS\system32\xlaexfwd.exe
    C:\WINDOWS\System32\yaywtts.dll
    C:\WINDOWS\System32\yuireuox.dll
    C:\WINDOWS\system32\yvtmhnxy.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\akjvnrks.dll
    C:\WINDOWS\system32\akjvnrks.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\awtsq.dll
    C:\WINDOWS\system32\awtsq.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\awvtt.dll
    C:\WINDOWS\system32\awvtt.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\bartpcsp.exe
    C:\WINDOWS\system32\bartpcsp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\bfdjqobo.dll
    C:\WINDOWS\system32\bfdjqobo.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\cbxyxyw.dll
    C:\WINDOWS\system32\cbxyxyw.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\cklefqrs.dll
    C:\WINDOWS\system32\cklefqrs.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ddccy.dll
    C:\WINDOWS\system32\ddccy.dll Has been deleted!

    Attempting to delete C:\windows\system32\drvdulr.dll
    C:\windows\system32\drvdulr.dll Has been deleted!

    Attempting to delete C:\WINDOWS\System32\egjlm.bak1
    C:\WINDOWS\System32\egjlm.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\System32\egjlm.bak2
    C:\WINDOWS\System32\egjlm.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\System32\egjlm.ini
    C:\WINDOWS\System32\egjlm.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\fhvvqxej.exe
    C:\WINDOWS\system32\fhvvqxej.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\fusxusgk.exe
    C:\WINDOWS\system32\fusxusgk.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\grvbtnfs.exe
    C:\WINDOWS\system32\grvbtnfs.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hxnsceat.exe
    C:\WINDOWS\system32\hxnsceat.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jbnibvvy.dll
    C:\WINDOWS\system32\jbnibvvy.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jemtlcqr.dll
    C:\WINDOWS\system32\jemtlcqr.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jxsopead.dll
    C:\WINDOWS\system32\jxsopead.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mcvvsxhp.exe
    C:\WINDOWS\system32\mcvvsxhp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nscqyeno.exe
    C:\WINDOWS\system32\nscqyeno.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ognbmdvp.exe
    C:\WINDOWS\system32\ognbmdvp.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pdkqhmkm.dll
    C:\WINDOWS\system32\pdkqhmkm.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pimeeyan.dll
    C:\WINDOWS\system32\pimeeyan.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pmjurtil.dll
    C:\WINDOWS\system32\pmjurtil.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qlgjlbta.exe
    C:\WINDOWS\system32\qlgjlbta.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rpojhyvo.exe
    C:\WINDOWS\system32\rpojhyvo.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\spwfeypv.exe
    C:\WINDOWS\system32\spwfeypv.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ssttq.dll
    C:\WINDOWS\system32\ssttq.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\tlgaprgm.dll
    C:\WINDOWS\system32\tlgaprgm.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ucgubqwi.dll
    C:\WINDOWS\system32\ucgubqwi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\uhmrafrk.exe
    C:\WINDOWS\system32\uhmrafrk.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\weeagthi.exe
    C:\WINDOWS\system32\weeagthi.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wnntocta.dll
    C:\WINDOWS\system32\wnntocta.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wyouwnvy.exe
    C:\WINDOWS\system32\wyouwnvy.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xlaexfwd.exe
    C:\WINDOWS\system32\xlaexfwd.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yvtmhnxy.dll
    C:\WINDOWS\system32\yvtmhnxy.dll Has been deleted!

    Performing Repairs to the registry.
    Done!





And here is the new HJT report:


    Logfile of HijackThis v1.99.1
    Scan saved at 20:37:02, on 14/01/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    G:\MANETT~1\Common\SWTrayV4.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\WlanCU.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\sebastien\Bureau\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: {6a002693-7882-6ad9-b2f4-c8b33177e344} - {443e7713-3b8c-4f2b-9da6-2887396200a6} - C:\WINDOWS\System32\cklefqrs.dll (file missing)
    O2 - BHO: (no name) - {5DDCE926-E487-474E-9588-2CD677F8A2FB} - C:\WINDOWS\System32\mljge.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {76A91A9D-1F7C-4FBE-A20A-BC5B05250A53} - C:\WINDOWS\System32\ssqrr.dll (file missing)
    O2 - BHO: (no name) - {B9E85D85-F6EE-4655-A639-E33983612A6E} - C:\WINDOWS\System32\vtutrsr.dll
    O2 - BHO: (no name) - {E0235A6C-E969-48DF-96F9-6CD20287AFF4} - C:\WINDOWS\System32\vtstt.dll (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SideWinderTrayV4] g:\MANETT~1\Common\SWTrayV4.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [ujcdmjgp] rundll32.exe "C:\Program Files\ujcdmjgp\shanynoh.dll",Init
    O4 - HKLM\..\Run: [cjefahqz] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\cjefahqz.dll"
    O4 - HKLM\..\Run: [d0fc5205] rundll32.exe "C:\WINDOWS\System32\wnntocta.dll",b
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: TribalWeb.lnk = C:\Program Files\troud'balweb\tribalweb.exe
    O4 - Startup: TribalWeb.net.lnk = ?
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Logiciel de la Souris Labtec 2.0.lnk = C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe
    O4 - Global Startup: 802.11g Wireless Adatper.lnk = C:\Program Files\NOBRAND\802.11 Wireless Adatper\Monitor.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Wireless Configuration Utility HW.32.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O18 - Filter: text/html - (no CLSID) - (no file)
    O20 - Winlogon Notify: mljge - C:\WINDOWS\System32\mljge.dll (file missing)
    O20 - Winlogon Notify: ssqrr - C:\WINDOWS\System32\ssqrr.dll (file missing)
    O20 - Winlogon Notify: vtutrsr - C:\WINDOWS\SYSTEM32\vtutrsr.dll
    O20 - Winlogon Notify: winpnq32 - winpnq32.dll (file missing)
    O20 - Winlogon Notify: yayvsqp - yayvsqp.dll (file missing)
    O20 - Winlogon Notify: yaywtts - yaywtts.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe

There you go, thanking you in advance!!!!

Also, I'm infected with WIN32 TratBHO.... Avast can't get rid of it...
14 January 2008 20:40:07

Re,

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post that report in your next reply.

14 January 2008 21:09:17

Here is the combofix report as you asked... Thanks in advance!!!

    ComboFix 08-01-15.1 - sebastien 2008-01-14 20:56:52.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.434 [GMT 1:00]
    Running from: C:\Documents and Settings\sebastien\Bureau\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\check_LSA7.txt
    C:\Program Files\Fichiers communs\download
    C:\Program Files\Fichiers communs\inetget
    C:\Program Files\Fichiers communs\inetget2
    C:\Program Files\inetget2
    C:\Program Files\inetget2\webhost2.exe
    C:\Program Files\SecCenter
    C:\Program Files\SecCenter\scprot4.exe
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\drsmartloadb1.dat
    C:\WINDOWS\enewsletterpro1.dat
    C:\WINDOWS\msresearch1.dat
    C:\WINDOWS\system32\_005289_.tmp.dll
    C:\WINDOWS\system32\_005291_.tmp.dll
    C:\WINDOWS\system32\_005299_.tmp.dll
    C:\WINDOWS\system32\_005300_.tmp.dll
    C:\WINDOWS\system32\_005301_.tmp.dll
    C:\WINDOWS\system32\_005303_.tmp.dll
    C:\WINDOWS\system32\_005304_.tmp.dll
    C:\WINDOWS\system32\_005307_.tmp.dll
    C:\WINDOWS\system32\_005308_.tmp.dll
    C:\WINDOWS\system32\_005317_.tmp.dll
    C:\WINDOWS\system32\_005322_.tmp.dll
    C:\WINDOWS\system32\_005324_.tmp.dll
    C:\WINDOWS\system32\_005327_.tmp.dll
    C:\WINDOWS\system32\_005330_.tmp.dll
    C:\WINDOWS\system32\_005332_.tmp.dll
    C:\WINDOWS\system32\_005333_.tmp.dll
    C:\WINDOWS\system32\_005338_.tmp.dll
    C:\WINDOWS\system32\_005339_.tmp.dll
    C:\WINDOWS\system32\_005340_.tmp.dll
    C:\WINDOWS\system32\_005344_.tmp.dll
    C:\WINDOWS\system32\atcotnnw.ini
    C:\WINDOWS\system32\bthfhofc.ini
    C:\WINDOWS\system32\cpxbvxft.ini
    C:\WINDOWS\system32\dhjktutj.ini
    C:\WINDOWS\system32\gurardyo.ini
    C:\WINDOWS\system32\hkvtsupq.ini
    C:\WINDOWS\system32\hoirjtqa.dll
    C:\WINDOWS\system32\hxcforfi.ini
    C:\WINDOWS\system32\ivhiider.ini
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\mptcficd.ini
    C:\WINDOWS\system32\plugin1.dat
    C:\WINDOWS\system32\rkxfbwrl.ini
    C:\WINDOWS\system32\SysPr.prx
    C:\WINDOWS\system32\system
    C:\WINDOWS\system32\system\msxml4.dll
    C:\WINDOWS\system32\system\msxml4r.dll
    C:\WINDOWS\system32\ttstv.bak1
    C:\WINDOWS\system32\ttstv.bak2
    C:\WINDOWS\system32\ttstv.ini
    C:\WINDOWS\system32\urvuxlqt.ini
    C:\WINDOWS\system32\wnstscc.exe
    C:\WINDOWS\system32\xgwhidcp.ini
    C:\WINDOWS\system32\xkqsesyi.dll
    C:\WINDOWS\system32\yemnkimw.ini
    C:\WINDOWS\timessquare1.dat
    C:\WINDOWS\winsysupd1.dat

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_DOMAINSERVICE
    -------\LEGACY_POWERMANAGER
    -------\LEGACY_RDRIV
    -------\PowerManager


    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-15 to 2008-01-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-14 20:56 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-14 20:08 . 2008-01-14 20:29 <REP> d-------- C:\VundoFix Backups
    2008-01-14 14:15 . 2008-01-14 14:15 <REP> d-------- C:\Documents and Settings\sebastien\Application Data\Shareaza
    2008-01-09 14:34 . 2005-05-27 09:23 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
    2008-01-09 14:30 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
    2008-01-09 14:30 . 2003-03-18 21:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
    2008-01-09 14:30 . 2003-02-21 05:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
    2008-01-09 14:30 . 2005-07-19 17:31 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
    2008-01-09 12:30 . 2008-01-12 20:02 <REP> d-------- C:\Documents and Settings\sebastien\amsn
    2008-01-09 12:29 . 2008-01-09 12:30 <REP> d-------- C:\Program Files\aMSN
    2008-01-08 10:18 . 2008-01-08 10:43 <REP> d-------- C:\Documents and Settings\sebastien\Application Data\.purple
    2008-01-06 19:36 . 2008-01-06 19:36 75,840 --a------ C:\WINDOWS\system32\puhjfhru.dll
    2007-12-28 18:54 . 2008-01-08 09:53 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-28 18:54 . 2007-12-28 18:54 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-22 17:08 . 2007-12-23 22:19 <REP> d-------- C:\Program Files\Azureus
    2007-12-22 15:45 . 2007-12-22 15:45 39,936 --a------ C:\WINDOWS\system32\iifcaaw.dll
    2007-12-18 17:52 . 2007-12-18 17:52 39,936 --a------ C:\WINDOWS\system32\vtutrsr.dll
    2007-12-17 22:08 . 2008-01-09 12:19 <REP> d-------- C:\WINDOWS\SxsCaPendDel
    2007-12-17 21:34 . 2008-01-08 09:50 <REP> d-------- C:\Documents and Settings\sebastien\Contacts
    2007-12-17 21:33 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2007-12-17 21:33 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
    2007-12-17 21:33 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2007-12-17 21:32 . 2007-12-17 21:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
    2007-12-17 21:32 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-12-17 21:32 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-17 21:32 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-17 21:32 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-17 21:31 . 2008-01-08 10:05 <REP> d-------- C:\Program Files\Windows Live Toolbar
    2007-12-17 21:31 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-15 20:00 --------- d-----w C:\Documents and Settings\sebastien\Application Data\Azureus
    2008-01-14 17:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-01-14 13:15 --------- d-----w C:\Program Files\Shareaza
    2008-01-09 14:15 --------- d-----w C:\Program Files\Services en ligne
    2008-01-09 13:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-09 13:29 --------- d-----w C:\Program Files\Logitech
    2008-01-08 09:43 --------- d-----w C:\Documents and Settings\sebastien\Application Data\.purple
    2007-12-27 16:57 --------- d-----w C:\Program Files\Java
    2007-12-22 14:45 --------- d-----w C:\Program Files\Lldjmhpi
    2007-12-14 20:57 --------- d-----w C:\Program Files\Alice
    2007-12-12 19:17 15,781 ----a-w C:\WINDOWS\system32\drivers\mdc8021x.sys
    2007-12-12 19:15 --------- d-----w C:\Program Files\NOBRAND
    2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2005-07-09 02:44 777 -c--a-w C:\Program Files\trial_setup.ini
    2005-07-09 02:44 5,137,920 -c--a-w C:\Program Files\trial_setup.msi
    2005-07-09 02:44 40,448 -c--a-w C:\Program Files\trial_setup.exe
    2005-05-11 16:42 371,456 ----a-w C:\Documents and Settings\sebastien\Application Data\tvmknwrd.dll
    2004-07-22 09:51 3,432,656 -c--a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 -c--a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 -c--a-w C:\Program Files\BDAXP.cab
    2004-07-09 13:17 13,265,040 -c--a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 -c--a-w C:\Program Files\BDA.cab
    2004-07-09 03:08 472,576 -c--a-w C:\Program Files\dxsetup.exe
    2004-07-09 03:08 2,242,560 -c--a-w C:\Program Files\dsetup32.dll
    2004-07-09 02:03 62,976 -c--a-w C:\Program Files\DSETUP.dll
    2005-11-09 09:16 262,802 --sh--w C:\WINDOWS\system32\qpqss.bak1
    2007-07-06 16:02 6,369 --sh--w C:\WINDOWS\system32\rrqss.bak1
    2007-07-29 17:15 766,281 --sh--w C:\WINDOWS\system32\rrqss.bak2
    2005-03-17 16:15 177 -csha-r C:\WINDOWS\system32\Systam driver\hidf.bat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{443e7713-3b8c-4f2b-9da6-2887396200a6}]
    C:\WINDOWS\System32\cklefqrs.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5DDCE926-E487-474E-9588-2CD677F8A2FB}]
    C:\WINDOWS\System32\mljge.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{76A91A9D-1F7C-4FBE-A20A-BC5B05250A53}]
    C:\WINDOWS\System32\ssqrr.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B9E85D85-F6EE-4655-A639-E33983612A6E}]
    2007-12-18 17:52 39936 --a------ C:\WINDOWS\system32\vtutrsr.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E0235A6C-E969-48DF-96F9-6CD20287AFF4}]
    C:\WINDOWS\System32\vtstt.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 10:45 13312]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 17:49 4739072]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTSysVol"="C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe" [2003-05-02 08:53 57344]
    "AtiPTA"="atiptaxx.exe" [2006-02-22 02:05 344064 C:\WINDOWS\system32\atiptaxx.exe]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "SideWinderTrayV4"="g:\MANETT~1\Common\SWTrayV4.exe" [2000-06-02 18:07 24650]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-03-29 02:07 180269]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [ ]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-06-25 10:24 49152]
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-06-26 17:50 212992]
    "d0fc5205"="C:\WINDOWS\System32\wnntocta.dll" [ ]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-11-10 19:10 98304]
    "LVCOMSX"="C:\WINDOWS\System32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 10:45 13312]
    "SVCH Service"="svch32.pif" []

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices]
    "SVCH Service"="svch32.pif" []

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "1"= C:\WINDOWS\System32\service\explorer.exe

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{B9E85D85-F6EE-4655-A639-E33983612A6E}"= C:\WINDOWS\system32\vtutrsr.dll [2007-12-18 17:52 39936]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljge]
    C:\WINDOWS\System32\mljge.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqrr]
    C:\WINDOWS\System32\ssqrr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtutrsr]
    vtutrsr.dll 2007-12-18 17:52 39936 C:\WINDOWS\system32\vtutrsr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winpnq32]
    winpnq32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayvsqp]
    yayvsqp.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yaywtts]
    yaywtts.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ :\WINDOW

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Amen Help]
    C:\DOCUME~1\SEBAST~1\APPLIC~1\MAPIDO~1\WayHtm.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    C:\Program Files\DAEMON Tools\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
    -ra------ 2001-07-09 10:50 190976 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SemanticInsight]
    C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
    --a------ 2008-01-01 17:49 4739072 C:\Program Files\Shareaza\Shareaza.exe

    R1 atitray;atitray;C:\Program Files\Radeon Omega Drivers\v2.6.87\ATI Tray Tools\atitray.sys [2005-10-14 11:53]
    R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\System32\drivers\moufiltr.sys [2003-01-23 14:29]
    R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\System32\drivers\UsbFltr.sys [2003-02-19 10:02]
    R2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-23 16:47]
    R3 WN6201;Wireless Network Adapter Service;C:\WINDOWS\System32\DRIVERS\WN6201.sys [2005-06-17 06:40]
    S3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\System32\DRIVERS\alcan5ln.sys [2003-12-08 11:53]
    S3 cdspacex;cdspacex;C:\WINDOWS\System32\DRIVERS\CDSPACEX.sys [2003-07-31 14:13]
    S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\System32\DRIVERS\LV532AV.SYS [2005-01-31 11:13]
    S3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS\System32\DRIVERS\ptserlp.sys [2001-08-17 20:28]
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\System32\DRIVERS\sis163u.sys [2004-12-31 16:46]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\System32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\System32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
    S3 TwoRabts;Two Rabbits Live Bus;C:\WINDOWS\System32\DRIVERS\TwoRabts.sys []
    S3 wlanndi5;wlanndi5 NDIS Protocol Driver;C:\WINDOWS\System32\wlanndi5.SYS [2004-04-21 16:51]
    S4 Host Services;Host Services;"C:\WINDOWS\svhosts.exe" []
    S4 MicroSoft Media Tools;MicroSoft Media Tools;"C:\WINDOWS\msmedia.exe" []
    S4 SMSS;SMSS;"C:\WINDOWS\smss.exe" []
    S4 sp2pnpfix;Plug-n-Play SP2 Fix;"C:\WINDOWS\system32\pnpsp2fix.exe" []

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-03 18:47:10 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#hp psc 1300 series#1180892715.job"
    - C:\Program Files\HP\hpcoretech\comp\hpdarc.exe0/#Hewlett-Packard#hp psc 1300 series#1180892715
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-15 21:03:33
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    C:\WINDOWS\system32\drivers\fdcaudsl.sys 12288 bytes executable

    scan completed successfully
    hidden files: 1

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Srvndpl]
    "ImagePath"="\??\C:\WINDOWS\System32\drivers\fdcaudsl.sys"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\vtutrsr.dll

    PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106]
    -> C:\WINDOWS\system32\vtutrsr.dll
    -> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
    .
    Completion time: 2008-01-15 21:05:21 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-01-15 20:05:19
    14 January 2008 21:49:08

    Re,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    Driver::
    SMSS
    MicroSoft Media Tools
    sp2pnpfix
    Host Services

    File::
    C:\WINDOWS\system32\InstMed.exe
    C:\WINDOWS\system32\puhjfhru.dll
    C:\WINDOWS\system32\iifcaaw.dll
    C:\WINDOWS\system32\vtutrsr.dll
    C:\Program Files\trial_setup.ini
    C:\Program Files\trial_setup.msi
    C:\Program Files\trial_setup.exe
    C:\WINDOWS\system32\qpqss.bak1
    C:\WINDOWS\system32\rrqss.bak1
    C:\WINDOWS\system32\rrqss.bak2
    C:\WINDOWS\System32\wnntocta.dll
    C:\WINDOWS\System32\service\explorer.exe
    C:\WINDOWS\smss.exe
    C:\WINDOWS\msmedia.exe
    C:\WINDOWS\system32\pnpsp2fix.exe
    C:\WINDOWS\svhosts.exe

    Folder::
    C:\Program Files\Lldjmhpi

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{443e7713-3b8c-4f2b-9da6-2887396200a6}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5DDCE926-E487-474E-9588-2CD677F8A2FB}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{76A91A9D-1F7C-4FBE-A20A-BC5B05250A53}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B9E85D85-F6EE-4655-A639-E33983612A6E}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E0235A6C-E969-48DF-96F9-6CD20287AFF4}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "d0fc5205"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "SVCH Service"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices]
    "SVCH Service"=-
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "1"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljge]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqrr]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtutrsr]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winpnq32]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayvsqp]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yaywtts]


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.
    14 January 2008 22:10:52

    Here is the Combofix report


    ComboFix 08-01-15.1 - sebastien 2008-01-15 21:58:49.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.275 [GMT 1:00]
    Running from: C:\Documents and Settings\sebastien\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\sebastien\Bureau\CFScript.txt
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    FILE
    C:\Program Files\trial_setup.exe
    C:\Program Files\trial_setup.ini
    C:\Program Files\trial_setup.msi
    C:\WINDOWS\msmedia.exe
    C:\WINDOWS\smss.exe
    C:\WINDOWS\svhosts.exe
    C:\WINDOWS\system32\iifcaaw.dll
    C:\WINDOWS\system32\InstMed.exe
    C:\WINDOWS\system32\pnpsp2fix.exe
    C:\WINDOWS\system32\puhjfhru.dll
    C:\WINDOWS\system32\qpqss.bak1
    C:\WINDOWS\system32\rrqss.bak1
    C:\WINDOWS\system32\rrqss.bak2
    C:\WINDOWS\System32\service\explorer.exe
    C:\WINDOWS\system32\vtutrsr.dll
    C:\WINDOWS\System32\wnntocta.dll
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\Lldjmhpi
    C:\Program Files\trial_setup.exe
    C:\Program Files\trial_setup.ini
    C:\Program Files\trial_setup.msi
    C:\WINDOWS\system32\iifcaaw.dll
    C:\WINDOWS\system32\InstMed.exe
    C:\WINDOWS\system32\puhjfhru.dll
    C:\WINDOWS\system32\qpqss.bak1
    C:\WINDOWS\system32\rrqss.bak1
    C:\WINDOWS\system32\rrqss.bak2
    C:\WINDOWS\system32\vtutrsr.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_HOST_SERVICES
    -------\LEGACY_MICROSOFT_MEDIA_TOOLS
    -------\LEGACY_SMSS
    -------\LEGACY_SP2PNPFIX
    -------\Host Services
    -------\MicroSoft Media Tools
    -------\SMSS
    -------\sp2pnpfix


    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-15 to 2008-01-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-14 20:56 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-14 20:08 . 2008-01-14 20:29 <REP> d-------- C:\VundoFix Backups
    2008-01-14 14:15 . 2008-01-14 14:15 <REP> d-------- C:\Documents and Settings\sebastien\Application Data\Shareaza
    2008-01-09 14:34 . 2005-05-27 09:23 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
    2008-01-09 14:30 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
    2008-01-09 14:30 . 2003-03-18 21:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
    2008-01-09 14:30 . 2003-02-21 05:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
    2008-01-09 12:30 . 2008-01-12 20:02 <REP> d-------- C:\Documents and Settings\sebastien\amsn
    2008-01-09 12:29 . 2008-01-09 12:30 <REP> d-------- C:\Program Files\aMSN
    2008-01-08 10:18 . 2008-01-08 10:43 <REP> d-------- C:\Documents and Settings\sebastien\Application Data\.purple
    2007-12-28 18:54 . 2008-01-08 09:53 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-28 18:54 . 2007-12-28 18:54 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-22 17:08 . 2007-12-23 22:19 <REP> d-------- C:\Program Files\Azureus
    2007-12-17 22:08 . 2008-01-09 12:19 <REP> d-------- C:\WINDOWS\SxsCaPendDel
    2007-12-17 21:34 . 2008-01-08 09:50 <REP> d-------- C:\Documents and Settings\sebastien\Contacts
    2007-12-17 21:33 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2007-12-17 21:33 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
    2007-12-17 21:33 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2007-12-17 21:32 . 2007-12-17 21:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
    2007-12-17 21:32 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-12-17 21:32 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
    2007-12-17 21:32 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
    2007-12-17 21:32 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
    2007-12-17 21:31 . 2008-01-08 10:05 <REP> d-------- C:\Program Files\Windows Live Toolbar
    2007-12-17 21:31 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-15 21:03 --------- d-----w C:\Documents and Settings\sebastien\Application Data\Azureus
    2008-01-14 17:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-01-14 13:15 --------- d-----w C:\Program Files\Shareaza
    2008-01-09 14:15 --------- d-----w C:\Program Files\Services en ligne
    2008-01-09 13:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-09 13:29 --------- d-----w C:\Program Files\Logitech
    2008-01-08 09:43 --------- d-----w C:\Documents and Settings\sebastien\Application Data\.purple
    2007-12-27 16:57 --------- d-----w C:\Program Files\Java
    2007-12-14 20:57 --------- d-----w C:\Program Files\Alice
    2007-12-12 19:17 15,781 ----a-w C:\WINDOWS\system32\drivers\mdc8021x.sys
    2007-12-12 19:15 --------- d-----w C:\Program Files\NOBRAND
    2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2005-05-11 16:42 371,456 ----a-w C:\Documents and Settings\sebastien\Application Data\tvmknwrd.dll
    2004-07-22 09:51 3,432,656 -c--a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 -c--a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 -c--a-w C:\Program Files\BDAXP.cab
    2004-07-17 21:55 460,728 ----a-w C:\WINDOWS\Fonts\SET3F1.tmp
    2004-07-17 21:55 383,140 ----a-w C:\WINDOWS\Fonts\SET3F0.tmp
    2004-07-17 21:55 355,436 -c--a-w C:\WINDOWS\Fonts\SET3EF.tmp
    2004-07-17 10:39 409,280 ----a-w C:\WINDOWS\Fonts\SET3EE.tmp
    2004-07-17 10:39 398,372 ----a-w C:\WINDOWS\Fonts\SET3ED.tmp
    2004-07-17 10:39 367,112 ----a-w C:\WINDOWS\Fonts\SET3F4.tmp
    2004-07-17 10:39 352,224 ----a-w C:\WINDOWS\Fonts\SET3F3.tmp
    2004-07-17 10:39 127,596 ----a-w C:\WINDOWS\Fonts\SET3F2.tmp
    2004-07-09 13:17 13,265,040 -c--a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 -c--a-w C:\Program Files\BDA.cab
    2004-07-09 03:08 472,576 -c--a-w C:\Program Files\dxsetup.exe
    2004-07-09 03:08 2,242,560 -c--a-w C:\Program Files\dsetup32.dll
    2004-07-09 02:03 62,976 -c--a-w C:\Program Files\DSETUP.dll
    2005-03-17 16:15 177 -csha-r C:\WINDOWS\system32\Systam driver\hidf.bat
    .

    ((((((((((((((((((((((((((((( snapshot@2008-01-15_21.05.08.82 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-14 19:56:46 516,096 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\ntuser.dat
    + 2008-01-15 20:58:39 516,096 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\ntuser.dat
    - 2008-01-14 19:56:46 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
    + 2008-01-15 20:58:39 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
    - 2008-01-14 19:56:46 516,096 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\ntuser.dat
    + 2008-01-15 20:58:39 6,647,808 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\ntuser.dat
    - 2008-01-14 19:56:46 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
    + 2008-01-15 20:58:39 180,224 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
    - 2008-01-14 19:56:46 6,647,808 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat
    + 2008-01-15 20:58:39 516,096 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat
    - 2008-01-14 19:56:46 180,224 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
    + 2008-01-15 20:58:39 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
    - 2008-01-14 19:56:50 278,528 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-15 20:58:45 278,528 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
    + 2008-01-15 21:04:26 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5a8.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 10:45 13312]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 17:49 4739072]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTSysVol"="C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe" [2003-05-02 08:53 57344]
    "AtiPTA"="atiptaxx.exe" [2006-02-22 02:05 344064 C:\WINDOWS\system32\atiptaxx.exe]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "SideWinderTrayV4"="g:\MANETT~1\Common\SWTrayV4.exe" [2000-06-02 18:07 24650]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-03-29 02:07 180269]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [ ]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-06-25 10:24 49152]
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-06-26 17:50 212992]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-11-10 19:10 98304]
    "LVCOMSX"="C:\WINDOWS\System32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 10:45 13312]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljge]
    C:\WINDOWS\System32\mljge.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqrr]
    C:\WINDOWS\System32\ssqrr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtutrsr]
    vtutrsr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winpnq32]
    winpnq32.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ :\WINDOW

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Amen Help]
    C:\DOCUME~1\SEBAST~1\APPLIC~1\MAPIDO~1\WayHtm.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    C:\Program Files\DAEMON Tools\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
    -ra------ 2001-07-09 10:50 190976 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SemanticInsight]
    C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
    --a------ 2008-01-01 17:49 4739072 C:\Program Files\Shareaza\Shareaza.exe

    R1 atitray;atitray;C:\Program Files\Radeon Omega Drivers\v2.6.87\ATI Tray Tools\atitray.sys [2005-10-14 11:53]
    R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\System32\drivers\moufiltr.sys [2003-01-23 14:29]
    R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\System32\drivers\UsbFltr.sys [2003-02-19 10:02]
    R2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-23 16:47]
    R3 WN6201;Wireless Network Adapter Service;C:\WINDOWS\System32\DRIVERS\WN6201.sys [2005-06-17 06:40]
    S3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\System32\DRIVERS\alcan5ln.sys [2003-12-08 11:53]
    S3 cdspacex;cdspacex;C:\WINDOWS\System32\DRIVERS\CDSPACEX.sys [2003-07-31 14:13]
    S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\System32\DRIVERS\LV532AV.SYS [2005-01-31 11:13]
    S3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS\System32\DRIVERS\ptserlp.sys [2001-08-17 20:28]
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\System32\DRIVERS\sis163u.sys [2004-12-31 16:46]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\System32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\System32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
    S3 TwoRabts;Two Rabbits Live Bus;C:\WINDOWS\System32\DRIVERS\TwoRabts.sys []
    S3 wlanndi5;wlanndi5 NDIS Protocol Driver;C:\WINDOWS\System32\wlanndi5.SYS [2004-04-21 16:51]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-03 18:47:10 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#hp psc 1300 series#1180892715.job"
    - C:\Program Files\HP\hpcoretech\comp\hpdarc.exe0/#Hewlett-Packard#hp psc 1300 series#1180892715
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-15 22:05:10
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    C:\WINDOWS\system32\drivers\fdcaudsl.sys 12288 bytes executable

    scan completed successfully
    hidden files: 1

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Srvndpl]
    "ImagePath"="\??\C:\WINDOWS\System32\drivers\fdcaudsl.sys"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106]
    -> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
    .
    Completion time: 2008-01-15 22:07:18 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-01-15 21:07:15
    ComboFix2.txt 2008-01-15 20:05:22




    And here is the HJT report


    Logfile of HijackThis v1.99.1
    Scan saved at 22:10:40, on 15/01/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    G:\MANETT~1\Common\SWTrayV4.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\WlanCU.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\sebastien\Bureau\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SideWinderTrayV4] g:\MANETT~1\Common\SWTrayV4.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: TribalWeb.lnk = C:\Program Files\troud'balweb\tribalweb.exe
    O4 - Startup: TribalWeb.net.lnk = ?
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Logiciel de la Souris Labtec 2.0.lnk = C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe
    O4 - Global Startup: 802.11g Wireless Adatper.lnk = C:\Program Files\NOBRAND\802.11 Wireless Adatper\Monitor.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Wireless Configuration Utility HW.32.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O20 - Winlogon Notify: mljge - C:\WINDOWS\System32\mljge.dll (file missing)
    O20 - Winlogon Notify: ssqrr - C:\WINDOWS\System32\ssqrr.dll (file missing)
    O20 - Winlogon Notify: vtutrsr - vtutrsr.dll (file missing)
    O20 - Winlogon Notify: winpnq32 - winpnq32.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe

    Thanks in advance!!!