Your question

My games close by themselves

Tags:
  • Trend micro
  • Security
Last reply: in Security and viruses
31 December 2007 12:08:51

Hello,
My problem is that when I start a game, it opens correctly, and after 5-10 minutes it closes and I am back on the desktop.
What is causing this?

31 December 2007 12:36:34

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:37, on 31/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\xkacierx.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\windows\explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\Rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: Shell=c:\windows\explorer.exe
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\System32\yoxiagzm.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\System32\sprt_ads.dll" DllStart
O4 - HKLM\..\Run: [50ead19c] rundll32.exe "C:\WINDOWS\System32\hloaudsb.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: C:\WINDOWS\System32\__c00BDF8.dat
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: DomainService - - C:\WINDOWS\System32\xkacierx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--
End of file - 6545 bytes
31 December 2007 12:49:56

Hello again,

Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt telling you that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply
    Note: VundoFix may encounter a file that it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".

31 December 2007 14:39:41


    VundoFix V6.7.7

    Checking Java version...

    Scan started at 12:53:46 31/12/2007

    Listing files found while scanning....

    Beginning removal...

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\xkacierx.exe
    C:\WINDOWS\system32\xkacierx.exe Could not be deleted.

    Performing Repairs to the registry.
    Done!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:39:27, on 31/12/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\System32\xkacierx.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    c:\windows\explorer.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\System32\Rundll32.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\MESSEN~1\msmsgs.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    F2 - REG:system.ini: Shell=c:\windows\explorer.exe
    F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {AE76B889-8DB3-41F1-963D-2FF6933F6EAB} - C:\WINDOWS\System32\pmnnn.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\System32\sprt_ads.dll" DllStart
    O4 - HKLM\..\Run: [50ead19c] rundll32.exe "C:\WINDOWS\System32\hloaudsb.dll",b
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - AppInit_DLLs: C:\WINDOWS\System32\__c00BDF8.dat
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: DomainService - - C:\WINDOWS\System32\xkacierx.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 7306 bytes
31 December 2007 14:41:12

Hello again,

Let's continue the work.

Disable your resident protections (antivirus...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

31 December 2007 17:17:01

    ComboFix 07-12-31.4 - Propriétaire 2007-12-31 17:10:10.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.1.1252.1.1036.18.184 [GMT 1:00]
    Running from: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Propriétaire\Mes documents\CFScript.txt
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .


    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_DOMAINSERVICE
    -------\DomainService


    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-31 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-31 17:08 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-12-31 12:53 . 2007-12-31 14:34 <REP> d-------- C:\VundoFix Backups
    2007-12-31 12:35 . 2007-12-31 12:35 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-30 18:42 . 2007-12-30 18:42 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-30 18:42 . 2007-12-30 18:42 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-30 16:29 . 2007-12-30 16:29 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2007-12-30 16:29 . 2007-12-30 16:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2007-12-29 14:27 . 2007-12-29 14:27 <REP> d-------- C:\Program Files\Disney Interactive Studios
    2007-12-29 14:27 . 2007-12-29 14:29 1,374 --a------ C:\WINDOWS\disney.ini
    2007-12-28 21:06 . 2007-12-29 14:27 204 --a------ C:\WINDOWS\disneysy.ini
    2007-12-27 11:45 . 2007-12-27 18:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2007-12-26 19:15 . 2007-12-29 14:30 108,144 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2007-12-26 19:11 . 2007-12-26 19:13 <REP> d-------- C:\Program Files\Microsoft Games
    2007-12-26 19:11 . 1997-07-06 21:22 756,736 --------- C:\WINDOWS\system32\ir41_32.dll
    2007-12-26 17:28 . 2007-12-26 17:28 <REP> d-------- C:\Program Files\iTunes
    2007-12-26 17:28 . 2007-12-26 17:28 <REP> d-------- C:\Program Files\iPod
    2007-12-26 17:27 . 2007-12-26 17:27 <REP> d-------- C:\Program Files\Apple Software Update
    2007-12-26 17:27 . 2007-12-26 17:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-26 17:27 . 2007-12-26 17:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-12-18 18:25 . 2007-12-18 18:27 <REP> d-------- C:\Program Files\Dofus
    2007-12-16 15:34 . 2007-12-18 17:47 80,097 --a------ C:\WINDOWS\system32\dcads-remove.exe
    2007-12-16 15:34 . 2007-12-26 18:05 40,734 --a------ C:\WINDOWS\system32\superiorads-uninst.exe
    2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
    2007-12-11 10:57 . 2007-12-11 10:57 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
    2007-12-09 12:20 . 2007-12-09 12:23 <REP> d-------- C:\Program Files\eMule
    2007-12-08 17:18 . 2007-12-08 17:18 <REP> d-------- C:\Sierra
    2007-12-07 20:02 . 2007-12-07 20:02 <REP> d-------- C:\WINDOWS\veille teck Uninstaller
    2007-12-07 20:02 . 2007-07-21 14:52 903,168 --a------ C:\WINDOWS\veille teck.scr
    2007-12-07 20:02 . 2007-07-21 14:53 495,104 --a------ C:\WINDOWS\veille teck.exe
    2007-12-07 20:02 . 2006-11-04 22:42 161,078 --a------ C:\WINDOWS\veille teck.bmp
    2007-12-07 20:02 . 2007-11-10 12:45 115,864 --a------ C:\WINDOWS\veille teck.swf
    2007-12-07 20:02 . 2006-11-12 18:55 23,558 --a------ C:\WINDOWS\veille teck.ico
    2007-12-07 20:02 . 2007-11-10 12:46 676 --a------ C:\WINDOWS\veille teck.c3
    2007-12-07 20:02 . 2007-11-10 12:46 676 --a------ C:\WINDOWS\veille teck.c1
    2007-12-07 20:02 . 2006-10-24 18:06 639 --a------ C:\WINDOWS\veille teck.c4
    2007-12-07 20:02 . 2006-10-08 20:33 0 --a------ C:\WINDOWS\veille teck.ini
    2007-12-07 15:40 . 2007-12-07 21:13 <REP> d-------- C:\Program Files\Java
    2007-12-07 15:40 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2007-12-07 15:39 . 2007-12-07 15:39 <REP> d-------- C:\Program Files\Fichiers communs\Java
    2007-11-21 18:10 . 2002-08-29 11:45 286,720 --a------ C:\WINDOWS\system32\msh263.drv
    2007-11-21 18:10 . 2002-08-29 11:45 50,688 --a------ C:\WINDOWS\system32\vfwwdm32.dll
    2007-11-21 18:10 . 2002-08-29 11:45 50,688 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
    2007-11-21 18:10 . 2001-08-23 17:47 45,568 --a------ C:\WINDOWS\system32\iyuv_32.dll
    2007-11-21 18:10 . 2001-08-23 17:47 45,568 --a--c--- C:\WINDOWS\system32\dllcache\iyuv_32.dll
    2007-11-21 18:10 . 2001-08-23 17:47 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll
    2007-11-21 18:10 . 2001-08-23 17:47 8,192 --a--c--- C:\WINDOWS\system32\dllcache\tsbyuv.dll
    2007-11-18 09:51 . 2007-11-18 09:51 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2007-11-18 09:49 . 2007-11-18 09:49 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
    2007-11-18 09:48 . 2007-11-18 09:48 0 --a------ C:\WINDOWS\system32\taskkill.exe
    2007-11-16 17:51 . 2007-12-21 18:20 <REP> d-------- C:\Program Files\LimeWire
    2007-11-07 15:53 . 2007-11-07 15:53 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-11-06 13:55 . 2007-11-06 13:55 132,608 --a------ C:\WINDOWS\mirra7.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-31 16:13 --------- d-----w C:\Program Files\Wanadoo
    2007-12-30 15:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-12-30 15:29 --------- d-----w C:\Program Files\Lavasoft
    2007-12-29 13:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-26 18:28 --------- d-----w C:\Program Files\Commandos II
    2007-12-26 16:27 --------- d-----w C:\Program Files\QuickTime
    2007-12-23 12:41 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
    2007-12-23 12:41 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
    2007-12-23 12:41 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
    2007-11-21 17:10 45,888 ----a-w C:\WINDOWS\system32\drivers\PhTVTune.sys
    2007-11-21 17:10 345,024 ----a-w C:\WINDOWS\system32\drivers\Cap7134.sys
    2007-11-21 17:10 135,168 ----a-w C:\WINDOWS\system32\34api.dll
    2007-11-21 17:10 110,592 ----a-w C:\WINDOWS\system32\34com.dll
    2007-11-18 16:46 278,540 ----a-w C:\WINDOWS\Fonts\Setup.exe
    2007-11-18 16:41 25,214 ----a-w C:\Program Files\B.ico
    2007-11-18 16:41 25,214 ----a-w C:\Program Files\A.ico
    2007-11-07 14:54 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2007-11-06 12:55 561,152 ----a-w C:\WINDOWS\system32\user32.dll
    2007-10-22 17:04 52,224 ----a-w C:\WINDOWS\cm.exe
    2007-10-17 17:23 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
    2007-10-03 16:36 275,456 ----a-w C:\WINDOWS\system32\mtampuv.exe
    2007-09-29 06:26 335,360 ----a-w C:\WINDOWS\system32\qegzlnriz.exe
    2007-09-28 16:19 140,288 ----a-w C:\WINDOWS\oyster.exe
    2007-09-27 17:41 337,920 ----a-w C:\WINDOWS\system32\siybkwotbi.exe
    2007-09-26 16:40 330,752 ----a-w C:\WINDOWS\system32\efcuben.exe
    2007-09-19 14:18 266,240 ----a-w C:\WINDOWS\system32\oqskzs.exe
    2007-09-16 15:08 335,360 ----a-w C:\WINDOWS\system32\bifyjraufe.exe
    2007-09-15 11:36 328,704 ----a-w C:\WINDOWS\system32\ftlarviilc.exe
    2007-09-15 07:52 334,848 ----a-w C:\WINDOWS\system32\bqocgtrdb.exe
    2007-09-13 17:30 345,088 ----a-w C:\WINDOWS\system32\fwccinzt.exe
    2007-09-07 19:01 273,920 ----a-w C:\WINDOWS\system32\jnhher.exe
    2007-09-07 18:56 8,704 ----a-w C:\WINDOWS\system32\sporder.dll
    2007-09-04 09:46 275,968 ----a-w C:\WINDOWS\system32\lgwknhn.exe
    2007-09-03 08:15 336,896 ----a-w C:\WINDOWS\system32\lzcovfwwt.exe
    2007-09-02 09:55 334,336 ----a-w C:\WINDOWS\system32\iqzeixxpby.exe
    2007-05-01 08:31 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    .
    Infected C:\WINDOWS\system32\user32.dll hex repaired


    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-30 13:00 13312]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 13:50 122880]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 13:44 196608]
    "MSMSGS"="C:\PROGRA~1\MESSEN~1\msmsgs.exe" [2002-08-20 15:08 1511453]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-17 15:47 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-30 21:10 344064]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49 20480]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 14:24 458752]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 14:14 217088]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [ ]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
    "50ead19c"="C:\WINDOWS\System32\hloaudsb.dll" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-30 13:00 13312]

    R3 Cap7134;AVerMedia, AVerTV WDM Video Capture (Silicon);C:\WINDOWS\System32\DRIVERS\Cap7134.sys [2007-11-21 18:10]
    R3 PhTVTune;Cap7134 TVTuner;C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [2007-11-21 18:10]
    R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-30 13:00]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-05-12 16:20]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 00:48]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-26 16:27:34 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-31 17:13:17
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-31 17:15:16 - machine was rebooted [Propriétaire]
    C:\qoobox\ComboFix-quarantined-files.txt 2007-12-31 16:15:14
















    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:16:35, on 31/12/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\MESSEN~1\msmsgs.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [50ead19c] rundll32.exe "C:\WINDOWS\System32\hloaudsb.dll",b
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 6579 bytes